aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kubernetes/aaf/.gitignore2
-rw-r--r--kubernetes/aaf/.helmignore22
-rw-r--r--kubernetes/aaf/Chart.yaml59
-rw-r--r--kubernetes/aaf/Makefile58
-rw-r--r--kubernetes/aaf/components/Makefile65
-rw-r--r--kubernetes/aaf/components/aaf-cass/.helmignore21
-rw-r--r--kubernetes/aaf/components/aaf-cass/Chart.yaml28
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat74
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/config.dat10
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat59
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat88
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns_attrib.dat0
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat547
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat352
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat430
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/NOTES.txt33
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/configmap.yaml32
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/deployment.yaml136
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/pv.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/service.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-cass/values.yaml96
-rw-r--r--kubernetes/aaf/components/aaf-cm/.helmignore21
-rw-r--r--kubernetes/aaf/components/aaf-cm/Chart.yaml32
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/NOTES.txt33
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/ingress.yaml4
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/service.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-cm/values.yaml94
-rw-r--r--kubernetes/aaf/components/aaf-fs/.helmignore21
-rw-r--r--kubernetes/aaf/components/aaf-fs/Chart.yaml31
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/NOTES.txt33
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/deployment.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/ingress.yaml4
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/service.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-fs/values.yaml95
-rw-r--r--kubernetes/aaf/components/aaf-gui/.helmignore21
-rw-r--r--kubernetes/aaf/components/aaf-gui/Chart.yaml31
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/NOTES.txt33
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/deployment.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/ingress.yaml4
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/service.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-gui/values.yaml95
-rw-r--r--kubernetes/aaf/components/aaf-locate/.helmignore21
-rw-r--r--kubernetes/aaf/components/aaf-locate/Chart.yaml31
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/NOTES.txt33
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/deployment.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/ingress.yaml2
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/service.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-locate/values.yaml92
-rw-r--r--kubernetes/aaf/components/aaf-oauth/.helmignore21
-rw-r--r--kubernetes/aaf/components/aaf-oauth/Chart.yaml31
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt33
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml2
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/service.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-oauth/values.yaml95
-rw-r--r--kubernetes/aaf/components/aaf-service/.helmignore21
-rw-r--r--kubernetes/aaf/components/aaf-service/Chart.yaml31
-rw-r--r--kubernetes/aaf/components/aaf-service/templates/deployment.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-service/templates/ingress.yaml4
-rw-r--r--kubernetes/aaf/components/aaf-service/templates/service.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-service/values.yaml94
-rw-r--r--kubernetes/aaf/components/aaf-sms/Chart.yaml37
-rw-r--r--kubernetes/aaf/components/aaf-sms/Makefile58
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/Makefile58
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml28
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/resources/config/config.json7
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/pv.yaml45
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml111
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/values.yaml73
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml29
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/configmap.yaml43
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/pv.yaml45
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/service.yaml41
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml118
-rw-r--r--kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/values.yaml109
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem26
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/config/has.json51
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/config/osdf.json112
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/configmap.yaml42
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/deployment.yaml148
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/job.yaml216
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/pv.yaml40
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/pvc.yaml39
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/secret.yaml32
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/service.yaml41
-rw-r--r--kubernetes/aaf/components/aaf-sms/values.yaml283
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/Chart.yaml40
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/Makefile58
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/README.md24
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/Makefile58
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml28
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/configmap.yaml25
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/deployment.yaml89
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/job.yaml74
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/values.yaml66
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml28
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/configmap.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/job.yaml101
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/values.yaml70
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml28
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/templates/job.yaml126
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/values.yaml66
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd1
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle1
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml17
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml17
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml17
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml17
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml24
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/values.yaml72
-rw-r--r--kubernetes/aaf/components/aaf-templates/Chart.yaml24
-rw-r--r--kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl84
-rw-r--r--kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl130
-rw-r--r--kubernetes/aaf/components/aaf-templates/values.yaml13
-rw-r--r--kubernetes/aaf/resources/data/identities.dat94
-rw-r--r--kubernetes/aaf/resources/log/org.osaaf.aaf.log4j.props53
-rw-r--r--kubernetes/aaf/templates/configmap.yaml39
-rw-r--r--kubernetes/aaf/values.yaml104
-rw-r--r--kubernetes/aai/components/aai-babel/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/aai/components/aai-babel/values.yaml7
-rw-r--r--kubernetes/aai/components/aai-graphadmin/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/aai/components/aai-graphadmin/values.yaml5
-rw-r--r--kubernetes/aai/components/aai-resources/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/aai/components/aai-resources/values.yaml6
-rw-r--r--kubernetes/aai/components/aai-schema-service/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/aai/components/aai-schema-service/values.yaml7
-rw-r--r--kubernetes/aai/components/aai-sparky-be/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/aai/components/aai-sparky-be/values.yaml6
-rw-r--r--kubernetes/aai/components/aai-traversal/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/aai/components/aai-traversal/values.yaml6
-rw-r--r--kubernetes/aai/templates/authorizationpolicy.yaml100
-rw-r--r--kubernetes/aai/values.yaml38
-rwxr-xr-xkubernetes/cds/components/cds-command-executor/templates/deployment.yaml27
-rwxr-xr-xkubernetes/cds/components/cds-command-executor/templates/service.yaml34
-rwxr-xr-xkubernetes/cds/components/cds-command-executor/values.yaml18
-rw-r--r--kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml4
-rw-r--r--kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml26
-rw-r--r--kubernetes/cds/components/cds-sdc-listener/templates/service.yaml26
-rw-r--r--kubernetes/cds/components/cds-sdc-listener/values.yaml9
-rw-r--r--kubernetes/cds/components/cds-ui/Chart.yaml3
-rw-r--r--kubernetes/cds/components/cds-ui/templates/deployment.yaml35
-rw-r--r--kubernetes/cds/components/cds-ui/templates/service.yaml28
-rw-r--r--kubernetes/cds/components/cds-ui/values.yaml27
-rw-r--r--kubernetes/common/cassandra/templates/backup/configmap.yaml2
-rw-r--r--kubernetes/common/cassandra/templates/backup/cronjob.yaml3
-rw-r--r--kubernetes/common/cassandra/templates/backup/pv.yaml3
-rw-r--r--kubernetes/common/cassandra/templates/backup/pvc.yaml3
-rw-r--r--kubernetes/common/cassandra/templates/cassOp.yaml (renamed from kubernetes/aaf/components/aaf-cm/templates/deployment.yaml)7
-rw-r--r--kubernetes/common/cassandra/templates/configmap.yaml2
-rw-r--r--kubernetes/common/cassandra/templates/ingress.yaml (renamed from kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pv.yaml)4
-rw-r--r--kubernetes/common/cassandra/templates/pv.yaml3
-rw-r--r--kubernetes/common/cassandra/templates/secrets.yaml (renamed from kubernetes/portal/templates/secrets.yaml)6
-rw-r--r--kubernetes/common/cassandra/templates/service.yaml2
-rw-r--r--kubernetes/common/cassandra/templates/servicemonitor.yaml2
-rw-r--r--kubernetes/common/cassandra/templates/statefulset.yaml2
-rw-r--r--kubernetes/common/cassandra/values.yaml50
-rw-r--r--kubernetes/common/common/templates/_cassOp.tpl51
-rw-r--r--kubernetes/common/common/templates/_serviceMesh.tpl2
-rw-r--r--kubernetes/common/postgres/templates/_deployment.tpl43
-rw-r--r--kubernetes/common/postgres/templates/metrics-svc-primary.yaml (renamed from kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/configmap.yaml)26
-rw-r--r--kubernetes/common/postgres/templates/metrics-svc-replica.yaml (renamed from kubernetes/consul/templates/secrets.yaml)26
-rw-r--r--kubernetes/common/postgres/templates/servicemonitor.yaml (renamed from kubernetes/aaf/components/aaf-cass/templates/pvc.yaml)7
-rw-r--r--kubernetes/common/postgres/values.yaml98
-rw-r--r--kubernetes/consul/.helmignore22
-rw-r--r--kubernetes/consul/Chart.yaml39
-rw-r--r--kubernetes/consul/Makefile58
-rw-r--r--kubernetes/consul/components/Makefile58
-rw-r--r--kubernetes/consul/components/consul-server/Chart.yaml35
-rw-r--r--kubernetes/consul/components/consul-server/templates/NOTES.txt34
-rw-r--r--kubernetes/consul/components/consul-server/templates/service.yaml67
-rw-r--r--kubernetes/consul/components/consul-server/templates/statefulset.yaml77
-rw-r--r--kubernetes/consul/components/consul-server/values.yaml100
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/aaf-service-health.json20
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/aaf-sms-health.json17
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/aai-data-router-health.json14
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/aai-model-loader-health.json14
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/aai-search-data-service-health.json33
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/aai-services-health.json46
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/aai-sparky-be-health.json14
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/certs/client-cert-onap.crt.pem25
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/certs/client-cert-onap.key.pem32
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/clamp-health.json17
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json16
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/cli-health-check.json15
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/log-elastic-search.json23
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/log-kibana.json16
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/log-logstash.json95
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/model-loader.properties39
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/mr-health.json29
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/msb-health.json39
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json77
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/policy-health.json111
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-doc.txt9
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-script.sh35
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh33
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/data-router-script.sh33
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/model-loader-script.sh33
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/mr-kafka-health.sh31
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/mr-zookeeper-health.sh31
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh32
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/sdc-be-script.sh36
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/sdc-cs-script.sh36
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/sdc-fe-script.sh36
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/sdc-titan-script.sh36
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-cluster-health.sh61
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-dbhost-script.sh31
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/scripts/search-data-service-availability.sh61
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/so-api-script.sh33
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/so-camunda-script.sh33
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/so-jra-script.sh33
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh32
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/sparky-be-script.sh33
-rwxr-xr-xkubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh32
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/sdc-health.json49
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/sdnc-cluster-health.json14
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/sdnc-dbhost.json14
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/sdnc-dgbuilder.json22
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/sdnc-health.json22
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb01-healthcheck.json14
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb02-healthcheck.json14
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnhost.json22
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/so-health.json28
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/so-mariabdb.json15
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/vfc-health.json119
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/vid-health.json29
-rw-r--r--kubernetes/consul/templates/configmap.yaml42
-rw-r--r--kubernetes/consul/templates/deployment.yaml99
-rw-r--r--kubernetes/consul/templates/ingress.yaml1
-rw-r--r--kubernetes/consul/values.yaml117
-rw-r--r--kubernetes/contrib/.gitignore1
-rw-r--r--kubernetes/contrib/.helmignore1
-rwxr-xr-xkubernetes/contrib/Chart.yaml40
-rw-r--r--kubernetes/contrib/Makefile58
-rw-r--r--kubernetes/contrib/components/Makefile58
-rwxr-xr-xkubernetes/contrib/components/awx/Chart.yaml36
-rw-r--r--kubernetes/contrib/components/awx/Makefile58
-rw-r--r--kubernetes/contrib/components/awx/components/Makefile58
-rwxr-xr-xkubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml31
-rwxr-xr-xkubernetes/contrib/components/awx/components/awx-postgres/templates/NOTES.txt33
-rwxr-xr-xkubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml89
-rwxr-xr-xkubernetes/contrib/components/awx/components/awx-postgres/templates/pv.yaml40
-rwxr-xr-xkubernetes/contrib/components/awx/components/awx-postgres/templates/pvc.yaml39
-rwxr-xr-xkubernetes/contrib/components/awx/components/awx-postgres/templates/service.yaml42
-rwxr-xr-xkubernetes/contrib/components/awx/components/awx-postgres/values.yaml88
-rw-r--r--kubernetes/contrib/components/awx/resources/config/credentials.py38
-rw-r--r--kubernetes/contrib/components/awx/resources/config/environment.sh27
-rw-r--r--kubernetes/contrib/components/awx/templates/configmap.yaml238
-rw-r--r--kubernetes/contrib/components/awx/templates/job.yaml130
-rw-r--r--kubernetes/contrib/components/awx/templates/secret.yaml31
-rwxr-xr-xkubernetes/contrib/components/awx/templates/service.yaml79
-rw-r--r--kubernetes/contrib/components/awx/templates/serviceaccount.yaml44
-rw-r--r--kubernetes/contrib/components/awx/templates/statefulset.yaml227
-rwxr-xr-xkubernetes/contrib/components/awx/values.yaml120
-rw-r--r--kubernetes/contrib/components/ejbca/Chart.yaml42
-rw-r--r--kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml595
-rwxr-xr-xkubernetes/contrib/components/ejbca/resources/ejbca-config.sh58
-rw-r--r--kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml1107
-rw-r--r--kubernetes/contrib/components/ejbca/templates/configmap.yaml30
-rw-r--r--kubernetes/contrib/components/ejbca/templates/deployment.yaml120
-rw-r--r--kubernetes/contrib/components/ejbca/values.yaml135
-rwxr-xr-xkubernetes/contrib/components/netbox/.helmignore21
-rwxr-xr-xkubernetes/contrib/components/netbox/Chart.yaml37
-rw-r--r--kubernetes/contrib/components/netbox/Makefile58
-rw-r--r--kubernetes/contrib/components/netbox/components/Makefile58
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/.helmignore21
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml31
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/configuration.py156
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/gunicorn_config.py8
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/ldap_config.py55
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/custom_fields.yml18
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/groups.yml9
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/users.yml9
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/provisioning/provision.sh136
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/00_users.py26
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/10_groups.py19
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/20_custom_fields.py68
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/templates/NOTES.txt33
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/templates/configmap.yaml47
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml158
-rw-r--r--kubernetes/contrib/components/netbox/components/netbox-app/templates/job.yaml67
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/templates/pv.yaml40
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/templates/pvc.yaml39
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/templates/secrets.yaml34
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/templates/service.yaml42
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-app/values.yaml120
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-nginx/.helmignore21
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml31
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-nginx/resources/config/nginx.conf34
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-nginx/templates/NOTES.txt33
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-nginx/templates/configmap.yaml23
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml75
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-nginx/templates/service.yaml39
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-nginx/values.yaml89
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-postgres/.helmignore21
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml31
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-postgres/templates/NOTES.txt33
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-postgres/templates/configmap.yaml23
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml79
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-postgres/templates/pv.yaml40
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-postgres/templates/pvc.yaml39
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-postgres/templates/service.yaml42
-rwxr-xr-xkubernetes/contrib/components/netbox/components/netbox-postgres/values.yaml88
-rwxr-xr-xkubernetes/contrib/components/netbox/templates/ingress.yaml47
-rwxr-xr-xkubernetes/contrib/components/netbox/values.yaml36
-rw-r--r--kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md23
-rw-r--r--kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore37
-rw-r--r--kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml20
-rw-r--r--kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt21
-rw-r--r--kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl49
-rw-r--r--kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml76
-rw-r--r--kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml39
-rw-r--r--kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml34
-rw-r--r--kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml46
-rwxr-xr-xkubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh106
-rw-r--r--kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml296
-rw-r--r--kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_enable_optional_load_balacer_service.yaml22
-rwxr-xr-xkubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh92
-rwxr-xr-xkubernetes/contrib/tools/oomstat.py256
-rwxr-xr-xkubernetes/contrib/tools/registry-initialize.sh152
-rwxr-xr-xkubernetes/contrib/tools/rke/rke_setup.sh353
-rw-r--r--kubernetes/contrib/values.yaml21
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/authorizationpolicy.yaml (renamed from kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pvc.yaml)4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/authorizationpolicy.yaml (renamed from kubernetes/contrib/components/ejbca/templates/secret.yaml)4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/authorizationpolicy.yaml (renamed from kubernetes/contrib/components/ejbca/templates/service.yaml)4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/authorizationpolicy.yaml136
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml9
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/authorizationpolicy.yaml136
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml7
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml6
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml3
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml8
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml5
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pmsh/templates/authorizationpolicy.yaml136
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml7
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-prh/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-prh/values.yaml5
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml6
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml3
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/authorizationpolicy.yaml136
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml10
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-son-handler/templates/authorizationpolicy.yaml136
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml7
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml5
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml6
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml5
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/authorizationpolicy.yaml17
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml4
-rwxr-xr-xkubernetes/helm/plugins/deploy/deploy.sh4
-rw-r--r--kubernetes/log/.helmignore22
-rw-r--r--kubernetes/log/Chart.yaml38
-rw-r--r--kubernetes/log/Makefile59
-rw-r--r--kubernetes/log/components/Makefile59
-rw-r--r--kubernetes/log/components/log-elasticsearch/Chart.yaml29
-rw-r--r--kubernetes/log/components/log-elasticsearch/resources/config/elasticsearch.yml146
-rw-r--r--kubernetes/log/components/log-elasticsearch/templates/NOTES.txt33
-rw-r--r--kubernetes/log/components/log-elasticsearch/templates/configmap.yaml29
-rw-r--r--kubernetes/log/components/log-elasticsearch/templates/deployment.yaml114
-rw-r--r--kubernetes/log/components/log-elasticsearch/templates/ingress.yaml1
-rw-r--r--kubernetes/log/components/log-elasticsearch/templates/pv.yaml37
-rw-r--r--kubernetes/log/components/log-elasticsearch/templates/pvc.yaml38
-rw-r--r--kubernetes/log/components/log-elasticsearch/templates/service.yaml70
-rw-r--r--kubernetes/log/components/log-elasticsearch/values.yaml116
-rw-r--r--kubernetes/log/components/log-kibana/Chart.yaml29
-rw-r--r--kubernetes/log/components/log-kibana/resources/config/README.txt1
-rw-r--r--kubernetes/log/components/log-kibana/resources/config/kibana-onboarding.json0
-rw-r--r--kubernetes/log/components/log-kibana/resources/config/kibana.yml129
-rw-r--r--kubernetes/log/components/log-kibana/templates/NOTES.txt32
-rw-r--r--kubernetes/log/components/log-kibana/templates/configmap.yaml29
-rw-r--r--kubernetes/log/components/log-kibana/templates/deployment.yaml116
-rw-r--r--kubernetes/log/components/log-kibana/templates/ingress.yaml1
-rw-r--r--kubernetes/log/components/log-kibana/templates/service.yaml43
-rw-r--r--kubernetes/log/components/log-kibana/values.yaml100
-rw-r--r--kubernetes/log/components/log-logstash/Chart.yaml29
-rw-r--r--kubernetes/log/components/log-logstash/resources/config/logstash.yml32
-rw-r--r--kubernetes/log/components/log-logstash/resources/config/onap-pipeline.conf276
-rw-r--r--kubernetes/log/components/log-logstash/templates/NOTES.txt32
-rw-r--r--kubernetes/log/components/log-logstash/templates/configmap.yaml29
-rw-r--r--kubernetes/log/components/log-logstash/templates/deployment.yaml104
-rw-r--r--kubernetes/log/components/log-logstash/templates/ingress.yaml1
-rw-r--r--kubernetes/log/components/log-logstash/templates/service.yaml70
-rw-r--r--kubernetes/log/components/log-logstash/values.yaml102
-rw-r--r--kubernetes/log/values.yaml20
-rw-r--r--kubernetes/onap/Chart.yaml24
-rw-r--r--kubernetes/onap/resources/environments/core-onap.yaml16
-rw-r--r--kubernetes/onap/resources/environments/dev.yaml16
-rw-r--r--kubernetes/onap/resources/environments/disable-allcharts.yaml16
-rw-r--r--kubernetes/onap/resources/environments/minimal-onap.yaml56
-rw-r--r--kubernetes/onap/resources/environments/public-cloud.yaml33
-rw-r--r--kubernetes/onap/resources/overrides/environment.yaml42
-rw-r--r--kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml16
-rw-r--r--kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml17
-rw-r--r--kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml19
-rw-r--r--kubernetes/onap/resources/overrides/onap-all.yaml20
-rw-r--r--kubernetes/onap/resources/overrides/onap-vfw.yaml10
-rw-r--r--kubernetes/onap/resources/overrides/sm-onap.yaml20
-rwxr-xr-xkubernetes/onap/values.yaml54
-rwxr-xr-xkubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-clamp-ac-kserve-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml2
-rw-r--r--kubernetes/portal/.helmignore22
-rw-r--r--kubernetes/portal/Chart.yaml41
-rw-r--r--kubernetes/portal/Makefile59
-rw-r--r--kubernetes/portal/components/Makefile59
-rw-r--r--kubernetes/portal/components/portal-app/.helmignore21
-rw-r--r--kubernetes/portal/components/portal-app/Chart.yaml34
-rwxr-xr-xkubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/fusion.properties63
-rw-r--r--kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/key.properties4
-rw-r--r--kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml300
-rw-r--r--kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/music.properties35
-rwxr-xr-xkubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/openid-connect.properties19
-rwxr-xr-xkubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/portal.properties45
-rwxr-xr-xkubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties127
-rw-r--r--kubernetes/portal/components/portal-app/resources/server/server.xml157
-rw-r--r--kubernetes/portal/components/portal-app/resources/server/web.xml155
-rw-r--r--kubernetes/portal/components/portal-app/templates/NOTES.txt19
-rw-r--r--kubernetes/portal/components/portal-app/templates/configmap.yaml30
-rw-r--r--kubernetes/portal/components/portal-app/templates/deployment.yaml191
-rw-r--r--kubernetes/portal/components/portal-app/templates/ingress.yaml1
-rw-r--r--kubernetes/portal/components/portal-app/templates/secret.yaml18
-rw-r--r--kubernetes/portal/components/portal-app/templates/service.yaml59
-rw-r--r--kubernetes/portal/components/portal-app/values.yaml179
-rw-r--r--kubernetes/portal/components/portal-cassandra/.helmignore21
-rw-r--r--kubernetes/portal/components/portal-cassandra/Chart.yaml32
-rw-r--r--kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql72
-rw-r--r--kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql145
-rw-r--r--kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portalsdk.cql68
-rw-r--r--kubernetes/portal/components/portal-cassandra/templates/NOTES.txt33
-rw-r--r--kubernetes/portal/components/portal-cassandra/templates/configmap.yaml30
-rw-r--r--kubernetes/portal/components/portal-cassandra/templates/deployment.yaml157
-rw-r--r--kubernetes/portal/components/portal-cassandra/templates/pv.yaml41
-rw-r--r--kubernetes/portal/components/portal-cassandra/templates/pvc.yaml40
-rw-r--r--kubernetes/portal/components/portal-cassandra/templates/secrets.yaml17
-rw-r--r--kubernetes/portal/components/portal-cassandra/templates/service.yaml72
-rw-r--r--kubernetes/portal/components/portal-cassandra/values.yaml148
-rw-r--r--kubernetes/portal/components/portal-mariadb/.helmignore21
-rw-r--r--kubernetes/portal/components/portal-mariadb/Chart.yaml32
-rw-r--r--kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh384
-rw-r--r--kubernetes/portal/components/portal-mariadb/resources/config/mariadb/oom_updates.sql95
-rw-r--r--kubernetes/portal/components/portal-mariadb/templates/NOTES.txt33
-rw-r--r--kubernetes/portal/components/portal-mariadb/templates/configmap.yaml30
-rw-r--r--kubernetes/portal/components/portal-mariadb/templates/deployment.yaml121
-rw-r--r--kubernetes/portal/components/portal-mariadb/templates/job.yaml95
-rw-r--r--kubernetes/portal/components/portal-mariadb/templates/pv.yaml41
-rw-r--r--kubernetes/portal/components/portal-mariadb/templates/pvc.yaml40
-rw-r--r--kubernetes/portal/components/portal-mariadb/templates/secrets.yaml33
-rw-r--r--kubernetes/portal/components/portal-mariadb/templates/service.yaml41
-rw-r--r--kubernetes/portal/components/portal-mariadb/values.yaml153
-rw-r--r--kubernetes/portal/components/portal-sdk/.helmignore21
-rw-r--r--kubernetes/portal/components/portal-sdk/Chart.yaml35
-rw-r--r--kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties51
-rw-r--r--kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/key.properties42
-rw-r--r--kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml225
-rw-r--r--kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties36
-rwxr-xr-xkubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties62
-rwxr-xr-xkubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties95
-rw-r--r--kubernetes/portal/components/portal-sdk/resources/server/server.xml155
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/NOTES.txt33
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/configmap.yaml30
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/deployment.yaml182
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/ingress.yaml1
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/secrets.yaml17
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/service.yaml43
-rw-r--r--kubernetes/portal/components/portal-sdk/values.yaml173
-rw-r--r--kubernetes/portal/components/portal-widget/.helmignore21
-rw-r--r--kubernetes/portal/components/portal-widget/Chart.yaml32
-rw-r--r--kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties32
-rw-r--r--kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml19
-rw-r--r--kubernetes/portal/components/portal-widget/templates/NOTES.txt33
-rw-r--r--kubernetes/portal/components/portal-widget/templates/configmap.yaml29
-rw-r--r--kubernetes/portal/components/portal-widget/templates/deployment.yaml140
-rw-r--r--kubernetes/portal/components/portal-widget/templates/secret.yaml17
-rw-r--r--kubernetes/portal/components/portal-widget/templates/service.yaml43
-rw-r--r--kubernetes/portal/components/portal-widget/values.yaml132
-rw-r--r--kubernetes/portal/docker/init/mariadb-client/Dockerfile53
-rw-r--r--kubernetes/portal/docker/init/mariadb-client/db_migrate.sh38
-rw-r--r--kubernetes/portal/resources/config/log/filebeat/filebeat.yml57
-rw-r--r--kubernetes/portal/templates/configmap.yaml18
-rw-r--r--kubernetes/portal/values.yaml90
-rw-r--r--kubernetes/sdc/components/sdc-cs/templates/job.yaml5
-rw-r--r--kubernetes/sdc/components/sdc-cs/values.yaml14
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml5
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml7
-rw-r--r--kubernetes/sdc/resources/config/cqlshrc2
-rw-r--r--kubernetes/sdc/templates/configmap.yaml13
-rw-r--r--kubernetes/sdc/values.yaml36
-rw-r--r--kubernetes/sniro-emulator/.helmignore21
-rw-r--r--kubernetes/sniro-emulator/Chart.yaml31
-rw-r--r--kubernetes/sniro-emulator/templates/NOTES.txt34
-rw-r--r--kubernetes/sniro-emulator/templates/deployment.yaml67
-rw-r--r--kubernetes/sniro-emulator/templates/service.yaml42
-rw-r--r--kubernetes/sniro-emulator/values.yaml75
-rw-r--r--kubernetes/strimzi/values.yaml4
-rw-r--r--kubernetes/uui/components/uui-intent-analysis/resources/config/intent-analysis-init.sql21
510 files changed, 1720 insertions, 25294 deletions
diff --git a/kubernetes/aaf/.gitignore b/kubernetes/aaf/.gitignore
deleted file mode 100644
index 71fbb5cbb9..0000000000
--- a/kubernetes/aaf/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-/sms/
-components/dist
diff --git a/kubernetes/aaf/.helmignore b/kubernetes/aaf/.helmignore
deleted file mode 100644
index 7ddbad7ef4..0000000000
--- a/kubernetes/aaf/.helmignore
+++ /dev/null
@@ -1,22 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-components/
diff --git a/kubernetes/aaf/Chart.yaml b/kubernetes/aaf/Chart.yaml
deleted file mode 100644
index ef46ad605e..0000000000
--- a/kubernetes/aaf/Chart.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright © 2018 ZTE
-# Modifications Copyright © 2018 AT&T, Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Application Authorization Framework
-name: aaf
-version: 12.0.0
-
-dependencies:
- - name: aaf-cass
- version: ~12.x-0
- repository: 'file://components/aaf-cass'
- condition: aaf-authz.enabled
- - name: aaf-cm
- version: ~12.x-0
- repository: 'file://components/aaf-cm'
- condition: aaf-authz.enabled
- - name: aaf-fs
- version: ~12.x-0
- repository: 'file://components/aaf-fs'
- condition: aaf-authz.enabled
- - name: aaf-gui
- version: ~12.x-0
- repository: 'file://components/aaf-gui'
- condition: aaf-authz.enabled
- - name: aaf-locate
- version: ~12.x-0
- repository: 'file://components/aaf-locate'
- condition: aaf-authz.enabled
- - name: aaf-oauth
- version: ~12.x-0
- repository: 'file://components/aaf-oauth'
- condition: aaf-authz.enabled
- - name: aaf-service
- version: ~12.x-0
- repository: 'file://components/aaf-service'
- condition: aaf-authz.enabled
- - name: aaf-sms
- version: ~12.x-0
- repository: 'file://components/aaf-sms'
- condition: aaf-sms.enabled
- - name: aaf-sshsm
- version: ~12.x-0
- repository: 'file://components/aaf-sshsm'
- condition: aaf-sshsm.enabled
diff --git a/kubernetes/aaf/Makefile b/kubernetes/aaf/Makefile
deleted file mode 100644
index 75247b44b7..0000000000
--- a/kubernetes/aaf/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/aaf/components/Makefile b/kubernetes/aaf/components/Makefile
deleted file mode 100644
index e1b6f31886..0000000000
--- a/kubernetes/aaf/components/Makefile
+++ /dev/null
@@ -1,65 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-PROCESSED_FIRST := aaf-templates
-TO_FILTER := $(PROCESSED_FIRST) $(EXCLUDES)
-
-HELM_CHARTS := $(filter-out $(TO_FILTER), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(PROCESSED_FIRST):
- @echo "\n[$@]"
- @make package-$@
-
-$(HELM_CHARTS): $(PROCESSED_FIRST)
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/aaf/components/aaf-cass/.helmignore b/kubernetes/aaf/components/aaf-cass/.helmignore
deleted file mode 100644
index daebc7da77..0000000000
--- a/kubernetes/aaf/components/aaf-cass/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aaf/components/aaf-cass/Chart.yaml b/kubernetes/aaf/components/aaf-cass/Chart.yaml
deleted file mode 100644
index 86dba6c827..0000000000
--- a/kubernetes/aaf/components/aaf-cass/Chart.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP AAF cassandra
-name: aaf-cass
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
deleted file mode 100644
index 8a923b2bff..0000000000
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
+++ /dev/null
@@ -1,74 +0,0 @@
-a1p@a1p.onap.org|a1p|local|/opt/app/osaaf/local||mailto:|org.onap.a1p|root|30|{'a1policymanagement.onap', 'a1policymanagement', 'a1policymanagement.api.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'pkcs12'}
-aaf@aaf.osaaf.org|aaf-hello|local|/opt/app/osaaf/local||mailto:|org.osaaf.aaf|root|30|{'aaf-hello', 'aaf-hello.api.simpledemo.onap.org', 'aaf-hello.onap', 'aaf.osaaf.org'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-aaf@aaf.osaaf.org|aaf|local|/opt/app/osaaf/local||mailto:|org.osaaf.aaf|root|30|{'aaf', 'aaf.api.simpledemo.onap.org', 'aaf.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-aaf-sms@aaf-sms.onap.org|aaf-sms|local|/opt/app/osaaf/local||mailto:|org.onap.aaf-sms|root|30|{'aaf-sms-db.onap', 'aaf-sms.api.simpledemo.onap.org', 'aaf-sms.onap', 'aaf-sms.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'pkcs12', 'file'}
-aai@aai.onap.org|aai1|local|/opt/app/osaaf/local||mailto:|org.onap.aai|root|30|{'aai-babel.onap', 'aai-babel', 'aai-modelloader.onap', 'aai-modelloader', 'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'pkcs12'}
-aai@aai.onap.org|aai2|aaf|/Users/jf2512||mailto:|org.onap.aai|jf2512|60|{'aai-babel.onap', 'aai-babel', 'aai-modelloader.onap', 'aai-modelloader', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.onap aai-sparky-be.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org aai1.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-aai@aai.onap.org|aai|local|/opt/app/osaaf/local||mailto:|org.onap.aai|root|60|{'aai-babel.onap', 'aai-babel', 'aai-graphadmin', 'aai-graphadmin.onap', 'aai-modelloader.onap', 'aai-modelloader', 'aai-search-data.onap', 'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
-aai@aai.onap.org|aai.onap|local|/opt/app/osaaf/local||mailto:|org.onap.aai|root|30|{'aai-babel.onap', 'aai-babel', 'aai-modelloader.onap', 'aai-modelloader', 'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12'}
-aai@aai.onap.org|mithrilcsp.sbc.com|local|/tmp/onap||mailto:|org.onap.aai|jg1555|30|{'aai-babel.onap', 'aai-babel', 'aai-modelloader.onap', 'aai-modelloader', 'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'file', 'pkcs12', 'script'}
-aai-resources@aai-resources.onap.org|aai-resources|local|/opt/app/osaaf/local||mailto:|org.onap.aai-resources|root|30|{'aai-resources', 'aai-resources.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
-aai-schema-service@aai-schema-service.onap.org|aai-schema-service|local|/opt/app/osaaf/local||mailto:|org.onap.aai-schema-service|root|30|{'aai-schema-service', 'aai-schema-service.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
-aai-traversal@aai-traversal.onap.org|aai-traversal|local|/opt/app/osaaf/local||mailto:|org.onap.aai-traversal|root|30|{'aai-traversal', 'aai-traversal.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
-appc@appc.onap.org|appc|local|/opt/app/osaaf/local||mailto:|org.onap.appc|root|60|{'appc.api.simpledemo.onap.org', 'appc.onap', 'appc.simpledemo.onap.org'}|mmanager@osaaf.org|{'pkcs12'}
-appc-cdt@appc-cdt.onap.org|appc-cdt|local|/opt/app/osaaf/local||mailto:|org.onap.appc-cdt|root|30|{'appc-cdt', 'appc-cdt.api.simpledemo.onap.org', 'appc-cdt.onap'}|mmanager@osaaf.org|{'file', 'pkcs12', 'script'}
-clamp@clamp.onap.org|clamp|local|/opt/app/osaaf/local||mailto:|org.onap.clamp|root|30|{'clamp', 'clamp-onap', 'clamp.api.simpledemo.onap.org', 'clamp.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-clamp@clamp.onap.org|mithrilcsp.sbc.com|local|/tmp/onap||mailto:|org.onap.clamp|jg1555|30|{'clamp.api.simpledemo.onap.org', 'clamp.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
-cli@cli.onap.org|cli|local|/opt/app/osaaf/local||mailto:|org.onap.cli|root|30|{'cli', 'cli.api.simpledemo.onap.org', 'cli.onap'}|mmanager@osaaf.org|{'file', 'pkcs12', 'jks'}
-dcae@dcae.onap.org|dcae|local|/opt/app/osaaf/local||mailto:|org.onap.dcae|root|60|{'bbs-event-processor', 'bbs-event-processor.onap', 'bbs-event-processor.onap.svc.cluster.local', 'config-binding-service', 'config-binding-service.onap', 'config-binding-service.onap.svc.cluster.local', 'dashboard', 'dashboard.onap', 'dashboard.onap.svc.cluster.local', 'dcae-cloudify-manager', 'dcae-cloudify-manager.onap', 'dcae-cloudify-manager.onap.svc.cluster.local', 'dcae-datafile-collector', 'dcae-datafile-collector.onap', 'dcae-datafile-collector.onap.svc.cluster.local', 'dcae-hv-ves-collector', 'dcae-hv-ves-collector.onap', 'dcae-hv-ves-collector.onap.svc.cluster.local', 'dcae-pm-mapper', 'dcae-pm-mapper.onap', 'dcae-pm-mapper.onap.svc.cluster.local', 'dcae-pmsh', 'dcae-pmsh.onap', 'dcae-pmsh.onap.svc.cluster.local', 'dcae-prh', 'dcae-prh.onap', 'dcae-prh.onap.svc.cluster.local', 'dcae-tca-analytics', 'dcae-tca-analytics.onap', 'dcae-tca-analytics.onap.svc.cluster.local', 'dcae-ves-collector', 'dcae-ves-collector.onap', 'dcae-ves-collector.onap.svc.cluster.local', 'deployment-handler', 'deployment-handler.onap', 'deployment-handler.onap.svc.cluster.local', 'holmes-engine-mgmt', 'holmes-engine-mgmt.onap', 'holmes-engine-mgmt.onap.svc.cluster.local', 'holmes-rule-mgmt', 'holmes-rules-mgmt.onap', 'holmes-rules-mgmt.onap.svc.cluster.local', 'inventory', 'inventory.onap', 'inventory.onap.svc.cluster.local', 'policy-handler', 'policy-handler.onap', 'policy-handler.onap.svc.cluster.local'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-dmaap-bc@dmaap-bc.onap.org|dmaap-bc|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-bc|root|30|{'dmaap-bc', 'dmaap-bc.api.simpledemo.onap.org', 'dmaap-bc.onap'}|mmanager@osaaf.org|{'jks', 'pkcs12', 'script'}
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|dmaap-bc-mm-prov|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-bc-mm-prov|root|30|{'dmaap-bc-mm-prov', 'dmaap-bc-mm-prov.api.simpledemo.onap.org', 'dmaap-bc-mm-prov.onap', 'onap.dmaap-bc-mm-prov'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|dmaap-bc-topic-mgr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-bc-topic-mgr|root|30|{'dmaap-bc-topic-mgr', 'dmaap-bc-topic-mgr.api.simpledemo.onap.org', 'dmaap-bc-topic-mgr.onap', 'onap.dmaap-bc-topic-mgr'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-dmaap-dr@dmaap-dr.onap.org|dmaap-dr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-dr|root|30|{'dmaap-dr', 'dmaap-dr.api.simpledemo.onap.org', 'dmaap-dr.onap', 'onap.dmaap-dr'}|aaf_admin@osaaf.org|{'jks', 'script'}
-dmaap-dr-node@dmaap-dr-node.onap.org|dmaap-dr-node|local|/opt/app/osaaf/local||mailto:|onap.dmaap-dr-node|root|30|{'dmaap-dr-node', 'dmaap-dr-node.api.simpledemo.onap.org', 'dmaap-dr-node.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-dmaap-dr-node@dmaap-dr.onap.org|dmaap-dr-node|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-dr|root|30|{'dmaap-dr-node', 'dmaap-dr-node.api.simpledemo.onap.org', 'dmaap-dr-node.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-dmaap-dr-node@dmaap-dr.onap.org|mithril|local|/Volumes/Data/open/authz/auth/docker/dmaap_dr_node||mailto:|org.onap.dmaap-dr|jg1555|30|{'dmaap-dr-node', 'dmaap-dr-node.api.simpledemo.onap.org', 'dmaap-dr-node.onap'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
-dmaap-dr-prov@dmaap-dr.onap.org|dmaap-dr-prov|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-dr|root|30|{'dmaap-dr-prov', 'dmaap-dr-prov.api.simpledemo.onap.org', 'dmaap-dr-prov.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-dmaap-dr-prov@dmaap-dr.onap.org|mithril|local|/tmp/temp||mailto:|org.onap.dmaap-dr|jg1555|30|{'dmaap-dr-prov', 'dmaap-dr-prov.api.simpledemo.onap.org', 'dmaap-dr-prov.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12', 'script'}
-dmaap-dr-prov@dmaap-dr-prov.onap.org|dmaap-dr-prov|local|/opt/app/osaaf/local||mailto:|onap.dmaap-dr-prov|root|30|{'dmaap-dr-prov', 'dmaap-dr-prov.api.simpledemo.onap.org', 'dmaap-dr-prov.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-dmaap-mr@dmaap-mr.onap.org|dmaap-mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-mr|root|30|{'dmaap-mr', 'dmaap-mr.onap', 'message-router', 'message-router.onap', 'mr.api.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
-dmaap.mr@mr.dmaap.onap.org|10.12.25.177|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|@osaaf.org|{'pkcs12', 'script'}
-dmaapmr@mr.dmaap.onap.org|dmaapmr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router', 'message-router.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-dmaapmr@mr.dmaap.onap.org|dmaap-mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router-kafka-0', 'message-router-kafka-0.onap', '{{include "common.release" .}}-message-router-kafka-0.message-router-kafka.onap.svc.cluster.local', 'message-router-kafka-1', 'message-router-kafka-1.onap', '{{include "common.release" .}}-message-router-kafka-1.message-router-kafka.onap.svc.cluster.local', 'message-router-kafka-2', 'message-router-kafka-2.onap', '{{include "common.release" .}}-message-router-kafka-2.message-router-kafka.onap.svc.cluster.local', 'message-router', 'mr.api.simpledemo.onap.org', 'message-router.onap', 'dmaapmr dmaap.mr', 'dmaap-mr', 'dmaap.mr.onap', 'dmaap-mr.onap', 'dmaap-mr dmaapmr.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-dmaapmr@mr.dmaap.onap.org|dmaap.mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-dmaap.mr@mr.dmaap.onap.org|dmaap.mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-dmaap.mr@mr.dmaap.onap.org|dmaapmr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-dmaap.mr@mr.dmaap.onap.org|dmaap-mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-holmes@holmes.onap.org|holmes|local|/opt/app/osaaf/local||mailto:|org.onap.holmes|root|30|{'holmes.api.simpledemo.onap.org', 'holmes.onap'}|aaf_admin@osaaf.org|{'pkcs12'}
-holmes-rule-mgmt@holmes-rule-mgmt.onap.org|holmes-rule-mgmt|local|/opt/app/osaaf/local||mailto:|org.onap.holmes-rule-mgmt|root|30|{'holmes-rule-mgmt', 'holmes-rule-mgmt.api.simpledemo.onap.org', 'holmes-rule-mgmt.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
-holmes-engine-mgmt@holmes-engine-mgmt.onap.org|holmes-engine-mgmt|local|/opt/app/osaaf/local||mailto:|org.onap.holmes-engine-mgmt|root|30|{'holmes-engine-mgmt', 'holmes-engine-mgmt.api.simpledemo.onap.org', 'holmes-engine-mgmt.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
-msb-eag@msb-eag.onap.org|msb-eag|local|/opt/app/osaaf/local||mailto:|org.onap.msb-eag|root|30|{'msb-eag', 'msb-eag.api.simpledemo.onap.org', 'msb-eag.onap'}|mmanager@osaaf.org|{'file', 'pkcs12'}
-msb-iag@msb-iag.onap.org|msb-iag|local|/opt/app/osaaf/local||mailto:|org.onap.msb-iag|root|30|{'msb-iag', 'msb-iag.api.simpledemo.onap.org', 'msb-iag.onap'}|mmanager@osaaf.org|{'file', 'pkcs12'}
-music@music.onap.org|music|aaf|/opt/app/aaf/local||mailto:|org.onap.music|root|30|{'music.api.simpledemo.onap.org', 'music.onap'}|mmanager@osaaf.org|{'pkcs12', 'script'}
-music@music.onap.org|music.onap|local|/opt/app/osaaf/local||mailto:|org.onap.music|root|30|{'music-api', 'music-api.onap', 'music-onap', 'music.api.simpledemo.onap.org', 'music.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-nbi@nbi.onap.org|nbi|local|/opt/app/osaaf/local||mailto:|org.onap.nbi|root|30|{'nbi', 'nbi.api.simpledemo.onap.org', 'nbi.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
-ngi@ngi.onap.org|ngi|local|/opt/app/osaaf/local||mailto:|org.onap.ngi|root|30|{'ngi.api.simpledemo.onap.org', 'ngi.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
-oof@oof.onap.org|oof.api.simpledemo.onap.org|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-opteng', 'oof-opteng.onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-oof@oof.onap.org|oof|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-oof@oof.onap.org|oof.onap|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-cmso', 'oof-cmso-optimizer', 'oof-cmso-ticketmgt', 'oof-cmso-topology', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-opteng', 'oof-opteng.onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-policy@policy.onap.org|policy|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|60|{'policy-drools-pdp', 'policy-drools-pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-api', 'policy-api.onap', 'policy-distribution', 'policy-distribution.onap', 'policy-pap', 'policy-pap.onap', 'policy-xacml-pdp', 'policy-xacml-pdp.onap', 'policy.api.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-pomba@pomba.onap.org|onap.pomba|local|/opt/app/osaaf/local||mailto:|org.onap.pomba|root|30|{'onap.pomba', 'onap_pomba', 'pomba', 'pomba.api.simpledemo.onap.org', 'pomba.onap', 'pomba_onap'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
-portal@portal.onap.org|portal|local|/opt/app/osaaf/local||mailto:|org.onap.portal|root|30|{'onap.portal', 'onap_portal', 'portal', 'portal-app', 'portal.api.simpledemo.onap.org', 'portal.onap', 'portal_onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-refrepo@refrepo.onap.org|refrepo|local|/opt/app/osaaf/local||mailto:|org.onap.refrepo|root|30|{'refrepo', 'refrepo.api.simpledemo.onap.org', 'refrepo.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
-sdc@sdc.onap.org|sdc-fe.onap|local|/opt/app/osaaf/local||mailto:|org.onap.sdc|root|30|{'sdc-fe.onap', 'sdc.api.simpledemo.onap.org', 'sdc.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-sdc@sdc.onap.org|sdc|local|/opt/app/osaaf/local||mailto:|org.onap.sdc|root|60|{'*.onap', '*.onap.org', 'sdc', 'sdc-be.onap', 'sdc-dcae-be.onap', 'sdc-dcae-dt.onap', 'sdc-dcae-fe.onap', 'sdc-dcae-tosca-lab.onap', 'sdc-es.onap', 'sdc-fe.onap', 'sdc-kb.onap', 'sdc-onap.org', 'sdc-onboarding-be.onap', 'sdc-wfd-be.onap', 'sdc-wfd-fe.onap', 'sdc.api.fe.simpledemo.onap.org', 'sdc.api.simpledemo.onap.org', 'sdc.dcae.plugin.simpledemo.onap.org', 'sdc.workflow.plugin.simpledemo.onap.org', 'webseal.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-sdc@sdc.onap.org|sdc.onap|local|/opt/app/osaaf/local||mailto:|org.onap.sdc|root|60|{'*.onap', '*.onap.org', 'sdc', 'sdc-be.onap', 'sdc-dcae-be.onap', 'sdc-dcae-dt.onap', 'sdc-dcae-fe.onap', 'sdc-dcae-tosca-lab.onap', 'sdc-es.onap', 'sdc-fe.onap', 'sdc-kb.onap', 'sdc-onap.org', 'sdc-onboarding-be.onap', 'sdc-wfd-be.onap', 'sdc-wfd-fe.onap', 'sdc.api.fe.simpledemo.onap.org', 'sdc.api.simpledemo.onap.org', 'sdc.dcae.plugin.simpledemo.onap.org', 'sdc.workflow.plugin.simpledemo.onap.org', 'webseal.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-sdnc-cds@sdnc-cds.onap.org|sdnc-cds|local|/opt/app/osaaf/local||mailto:|org.onap.sdnc-cds|root|30|{'c1.vm1.sdnc-cds.simpledemo.onap', 'c2.vm1.sdnc-cds.simpledemo.onap', 'c3.vm1.sdnc-cds.simpledemo.onap', 'c4.vm1.sdnc-cds.simpledemo.onap', 'onap-sdnc-cds', 'onap-sdnc-cds.onap', 'sdnc-cds', 'sdnc-cds.api.simpledemo.onap.org', 'sdnc-cds.onap', 'vm1.sdnc-cds.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'pkcs12', 'script'}
-sdnc@sdnc.onap.org|ccsdk-sdnc-heat-dev|local|/home/ubuntu/cert||mailto:|org.onap.sdnc|ubuntu|60|{'c1.vm1.sdnc.simpledemo.onap', 'c2.vm1.sdnc.simpledemo.onap', 'c3.vm1.sdnc.simpledemo.onap', 'c4.vm1.sdnc.simpledemo.onap', 'onap-sdnc', 'onap-sdnc.onap', 'sdnc', 'sdnc.api.simpledemo.onap.org', 'sdnc.onap', 'vm1.sdnc.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
-sdnc@sdnc.onap.org|sdnc|local|/opt/app/osaaf/local||mailto:|org.onap.sdnc|root|60|{'c1.vm1.sdnc.simpledemo.onap', 'c2.vm1.sdnc.simpledemo.onap', 'c3.vm1.sdnc.simpledemo.onap', 'c4.vm1.sdnc.simpledemo.onap', 'onap-sdnc', 'onap-sdnc.onap', 'sdnc', 'sdnc.api.simpledemo.onap.org', 'sdnc.onap', 'vm1.sdnc.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
-shi@shi.onap.org|onap.shi|local|/opt/app/osaaf/local||mailto:|onap.shi|root|30|{'onap_shi', 'shi', 'shi.api.simpledemo.onap.org', 'shi_onap'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
-so@so.onap.org|aai-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'aai-simulator', 'localhost'}|aaf_admin@osaaf.org|{'pkcs12'}
-so@so.onap.org|bpmn-infra|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'bpmn-infra', 'bpmn-infra.onap'}|mmanager@osaaf.org|{'pkcs12'}
-so@so.onap.org|sdc-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'localhost', 'sdc-simulator'}|aaf_admin@osaaf.org|{'pkcs12'}
-so@so.onap.org|sdnc-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'localhost', 'sdnc-simulator'}|aaf_admin@osaaf.org|{'pkcs12'}
-so@so.onap.org|so-apih|local|/opt/app/osaaf/local||mailto:rp6768@att.com|org.onap.so|root|30|{'mso-asdc-controller-svc', 'mso-bpmn-infra-svc', 'mso-catalog-db-adapter-svc', 'mso-openstack-adapter-svc', 'mso-request-db-adapter-svc', 'mso-sdnc-adapter-svc'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-so@so.onap.org|so-client|local|/opt/app/osaaf/local||mailto:rp6768@att.com|org.onap.so|root|30||mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-so@so.onap.org|so|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so.api.simpledemo.onap.org', 'so.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12', 'script'}
-so@so.onap.org|so-vnfm-adapter|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so-vnfm-adapter', 'so-vnfm-adapter.onap'}|aaf_admin@osaaf.org|{'pkcs12'}
-so@so.onap.org|so-vnfm-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so-vnfm-simulator', 'so-vnfm-simulator.onap'}|aaf_admin@osaaf.org|{'pkcs12'}
-tester1@test.portal.onap.org|tester1|aaf|/||mailto:|org.onap.portal.test|root|30||@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
-vfc@vfc.onap.org|vfc|local|/opt/app/osaaf/local||mailto:|org.onap.vfc|root|30|{'vfc.api.simpledemo.onap.org vfc.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-vid1@vid1.onap.org|vid1|local|/opt/app/osaaf/local||mailto:|org.onap.vid1|root|30|{'onap', 'onap.vid1', 'vid1', 'vid1.api.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-vid2@vid2.onap.org|vid2|local|/opt/app/osaaf/local||mailto:|org.onap.vid2|root|30|{'onap.vid2', 'vid2', 'vid2.api.simpledemo.onap.org', 'vid2.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
-vid@vid.onap.org|vid|local|/opt/app/osaaf/local||mailto:|org.onap.vid|root|30|{'vid.api.simpledemo.onap.org', 'vid.onap'}|mmanager@osaaf.org|{'jks', 'pkcs12'}
-uui@uui.onap.org|uui|local|/opt/app/osaaf/local||mailto:|org.onap.uui|root|30|{'uui', 'uui.api.simpledemo.onap.org', 'uui.onap','uui-server', 'uui-server.api.simpledemo.onap.org', 'uui-server.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/config.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/config.dat
deleted file mode 100644
index 18b5c90fd6..0000000000
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/config.dat
+++ /dev/null
@@ -1,10 +0,0 @@
-aaf|aaf_env|DEV
-aaf|aaf_oauth2_introspect_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:2.1/introspect
-aaf|aaf_oauth2_token_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:2.1/token
-aaf|aaf_url_cm|https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1
-aaf|aaf_url_fs|https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:2.1
-aaf|aaf_url_gui|https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:2.1
-aaf|aaf_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1
-aaf|aaf_url_oauth|https://AAF_LOCATE_URL/%CNS.%AAF_NS.oauth:2.1
-aaf|cadi_protocols|TLSv1.1,TLSv1.2
-aaf|cadi_x509_issuers|CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat
deleted file mode 100644
index 1279c363b5..0000000000
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat
+++ /dev/null
@@ -1,59 +0,0 @@
-portal@portal.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.portal|53344||
-shi@shi.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.shi|53344||
-a1p@a1p.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.a1p|53344||
-aaf@aaf.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.aaf|53344||
-aaf-sms@aaf-sms.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aaf-sms|53344||
-clamp@clamp.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.clamp|53344||
-aai@aai.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai|53344||
-aai-resources@aai-resources.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai-resources|53344||
-aai-schema-service@aai-schema-service.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai-schema-service|53344||
-aai-traversal@aai-traversal.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai-traversal|53344||
-appc@appc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.appc|53344||
-appc-cdt@appc-cdt.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.appc-cdt|53344||
-cli@cli.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.cli|53344||
-dcae@dcae.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dcae|53344||
-oof@oof.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.oof|53344||
-so@so.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.so|53344||
-sdc@sdc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdc|53344||
-sdnc@sdnc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdnc|53344||
-sdnc-cds@sdnc-cds.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdnc-cds|53344||
-vfc@vfc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vfc|53344||
-policy@policy.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.policy|53344||
-pomba@pomba.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.pomba|53344||
-holmes@holmes.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.holmes|53344||
-holmes-engine-mgmt@holmes-engine-mgmt.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.holmes-engine-mgmt|53344||
-holmes-rule-mgmt@holmes-rule-mgmt.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.holmes-rule-mgmt|53344||
-nbi@nbi.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.nbi|53344||
-msb-eag@msb-eag.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.msb-eag|53344||
-msb-iag@msb-iag.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.msb-iag|53344||
-music@music.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.music|53344||
-refrepo@refrepo.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.refrepo|53344||
-vid@vid.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid|53344||
-vid1@vid1.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid1|53344||
-vid2@vid2.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid2|53344||
-dmaap-bc@dmaap-bc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc|53344||
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc-topic-mgr|53344||
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc-mm-prov|53344||
-dmaap-dr@dmaap-dr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr|53344||
-dmaap-dr-prov@dmaap-dr-prov.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr-prov|53344||
-dmaap-dr-node@dmaap-dr-node.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr-node|53344||
-dmaap-mr@dmaap-mr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-mr|53344||
-dmaapmr@dmaapmr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaapmr|53344||
-#dmaap.mr@#dmaap.mr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.mr.#dmaap|53344||
-iowna@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-mmanager@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-bdevl@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-mmarket@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-demo@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-jh0003@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-cs0008@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-jm0007@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-op0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-gv0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-pm0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-gs0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-ps0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-aaf_admin@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-deployer@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-portal_admin@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
-uui@uui.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.uui|53344||
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat
deleted file mode 100644
index 7d20d55c31..0000000000
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat
+++ /dev/null
@@ -1,88 +0,0 @@
-org.onap.a1p||org.onap||3
-org.onap.aaf-sms||org.onap||3
-org.onap.aai||org.onap||3
-org.onap.aai-resources||org.onap||3
-org.onap.aai-schema-service||org.onap||3
-org.onap.aai-traversal||org.onap||3
-org.onap.appc||org.onap||3
-org.onap.appc-cdt||org.onap||3
-org.onap.cds||org.onap||3
-org.onap.clampdemo|Onap clamp demo NS|org.onap|2|2
-org.onap.clamp||org.onap||3
-org.onap.clamptest|Onap clamp test NS|org.onap|2|2
-org.onap.cli||org.onap||3
-org.onap.dcae||org.onap||3
-org.onap.dmaap-bc.api||org.onap.dmaap-bc||3
-org.onap.dmaap-bc-mm-prov||org.onap||3
-org.onap.dmaap-bc||org.onap||3
-org.onap.dmaap.bc||org.onap||3
-org.onap.dmaapbc||org.onap||3
-org.onap.dmaap-bc-topic-mgr||org.onap||3
-org.onap.dmaap-dr||org.onap||3
-org.onap.dmaap.mr.aNewTopic-123450||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aNewTopic-123451||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aNewTopic-1547667570||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aNewTopic-||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTest-1547665517||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTest-1547666628||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTest-1547666760||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTest-1547666950||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTest-1547667031||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-123456||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-123457||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-1547660509||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-1547660861||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-1547661011||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-1547662122||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-1547662451||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-1547664813||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-1547664928||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTestTopic-1547666068||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.aTopic-1547654909||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.dgl000||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.dgl_ready||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.IdentityTopic-12345||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.IdentityTopic-1547839476||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.mirrormakeragent||org.onap.dmaap.mr||3
-org.onap.dmaap-mr||org.onap||3
-org.onap.dmaap.mr||org.onap||3
-org.onap.dmaap.mr.partitionTest-1546033194||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.PM_MAPPER||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.PNF_READY||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.PNF_REGISTRATION||org.onap.dmaap.mr||3
-org.onap.dmaap-mr.sunil||org.onap.dmaap-mr||3
-org.onap.dmaap-mr.test||org.onap.dmaap-mr||3
-org.onap.dmaap.mr.topic-000||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.topic-001||org.onap.dmaap.mr||3
-org.onap.dmaap.mr.topic-002||org.onap.dmaap.mr||3
-org.onap.dmaap||org.onap||3
-org.onap.holmes||org.onap||3
-org.onap.holmes-engine-mgmt||org.onap||3
-org.onap.holmes-rule-mgmt||org.onap||3
-org.onap.music||org.onap||3
-org.onap.msb-eag||org.onap||3
-org.onap.msb-iag||org.onap||3
-org.onap.nbi||org.onap||3
-org.onap|ONAP|org|2|2
-org.onap.oof||org.onap||3
-org.onap.policy||org.onap||3
-org.onap.pomba||org.onap||3
-org.onap.portal|ONAP Portal|org.onap.portal|3|3
-org.onap.portal.test||org.onap.portal||3
-org.onap.refrepo||org.onap||3
-org.onap.sdc||org.onap||3
-org.onap.sdnc-cds||org.onap||3
-org.onap.sdnc||org.onap||3
-org.onap.so||org.onap||3
-org.onap.vfc||org.onap||3
-org.onap.vid1||org.onap||3
-org.onap.vid2||org.onap||3
-org.onap.vid||org.onap||3
-org.onap.uui||org.onap||3
-org.openecomp.dcae|DCAE Namespace Org|org.openecomp|3|3
-org.openecomp.dmaapBC|DMaap NS|org.openecomp|3|3
-org.openecomp|Open EComp NS|org|2|2
-org.osaaf.aaf|Application Authorization Framework|org.osaaf|3|3
-org.osaaf|OSAAF Namespace|org|2|2
-org.osaaf.people||org.osaaf||3
-org|Root Namespace|.|1|1
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns_attrib.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns_attrib.dat
deleted file mode 100644
index e69de29bb2..0000000000
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns_attrib.dat
+++ /dev/null
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat
deleted file mode 100644
index 89c726f9ec..0000000000
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat
+++ /dev/null
@@ -1,547 +0,0 @@
-org|access|*|*|Org Write Access|{'org.admin'}
-org|access|*|read,approve|Org Read Access|{'org.owner'}
-org|access|*|read|Org Read Access|{'org.owner'}
-org.onap.a1p|access|*|*|AAF Namespace Write Access|"{'org.onap.a1p|admin', 'org.onap.a1p|service'}"
-org.onap.a1p|access|*|read|AAF Namespace Read Access|"{'org.onap.a1p|owner'}"
-org.onap.a1p|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.aaf-sms|access|*|*|AAF Namespace Write Access|"{'org.onap.aaf-sms|admin'}"
-org.onap.aaf-sms|access|*|read|AAF Namespace Read Access|"{'org.onap.aaf-sms|owner'}"
-org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.aai|access|*|*|AAF Namespace Write Access|"{'org.onap.aai|admin'}"
-org.onap.aai|access|*|read|AAF Namespace Read Access|"{'org.onap.aai|owner'}"
-org.onap.aai|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.aai|resources|*|delete||"{'org.onap.aai|resources_all'}"
-org.onap.aai|resources|*|get||"{'org.onap.aai|resources_all', 'org.onap.aai|resources_readonly'}"
-org.onap.aai|resources|*|patch||"{'org.onap.aai|resources_all'}"
-org.onap.aai|resources|*|post||"{'org.onap.aai|resources_all'}"
-org.onap.aai|resources|*|put||"{'org.onap.aai|resources_all'}"
-org.onap.aai|traversal|*|advanced||"{'org.onap.aai|traversal_advanced'}"
-org.onap.aai|traversal|*|basic||"{'org.onap.aai|traversal_basic'}"
-org.onap.aai-resources|access|*|*|AAF Namespace Write Access|"{'org.onap.aai-resources|admin', 'org.onap.aai-resources|service'}"
-org.onap.aai-resources|access|*|read|AAF Namespace Read Access|"{'org.onap.aai-resources|owner'}"
-org.onap.aai-resources|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.aai-schema-service|access|*|*|AAF Namespace Write Access|"{'org.onap.aai-schema-service|admin', 'org.onap.aai-schema-service|service'}"
-org.onap.aai-schema-service|access|*|read|AAF Namespace Read Access|"{'org.onap.aai-schema-service|owner'}"
-org.onap.aai-schema-service|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.aai-traversal|access|*|*|AAF Namespace Write Access|"{'org.onap.aai-traversal|admin', 'org.onap.aai-traversal|service'}"
-org.onap.aai-traversal|access|*|read|AAF Namespace Read Access|"{'org.onap.aai-traversal|owner'}"
-org.onap.aai-traversal|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap|access|*|*|Onap Write Access|{'org.onap.admin'}
-org.onap|access|*|read|Onap Read Access|{'org.onap.owner'}
-org.onap.appc|access|*|*|AAF Namespace Write Access|"{'org.onap.appc|admin', 'org.onap.appc|service'}"
-org.onap.appc|access|*|read|AAF Namespace Read Access|"{'org.onap.appc|owner'}"
-org.onap.appc|apidoc|/apidoc/.*|ALL||"{'org.onap.appc|apidoc'}"
-org.onap.appc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.appc|odl|odl-api|*|Appc ODL API Access|"{'org.onap.appc.odl', 'org.onap.appc|admin'}"
-org.onap.appc|restconf|/restconf/.*|ALL||"{'org.onap.appc|restconf'}"
-org.onap.appc-cdt|access|*|*|AAF Namespace Write Access|"{'org.onap.appc-cdt|admin', 'org.onap.appc-cdt|service'}"
-org.onap.appc-cdt|access|*|read|AAF Namespace Read Access|"{'org.onap.appc-cdt|owner'}"
-org.onap.appc-cdt|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.cds|access|*|*|AAF Namespace Write Access|"{'org.onap.cds|admin'}"
-org.onap.cds|access|*|read|AAF Namespace Read Access|"{'org.onap.cds|owner'}"
-org.onap.clamp|access|*|*|AAF Namespace Write Access|"{'org.onap.clamp|admin', 'org.onap.clamp|service'}"
-org.onap.clamp|access|*|read|Onap Clamp Read Access|{'org.onap.clamp.owner'}
-org.onap.clamp|certman|local|request,ignoreIPs,showpass||"{'org.onap.clamp|admin', 'org.onap.clamp|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.clamp|clds.cl|dev|*||"{'org.onap.clamp|service'}"
-org.onap.clamp|clds.cl|dev|read|Onap Clamp Dev Read Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
-org.onap.clamp|clds.cl|dev|update|Onap Clamp Dev Update Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
-org.onap.clamp|clds.cl.event|dev|*|Onap Clamp Dev Write Access|{'org.onap.clamp.clds.designer.dev'}
-org.onap.clamp|clds.cl.manage|dev|*|Onap Clamp Dev Manage Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|service'}"
-org.onap.clamp|clds.filter.vf|dev|*|Onap Clamp Filter All Dev Access|"{'org.onap.clamp.clds.vf_filter_all.dev', 'org.onap.clamp|service'}"
-org.onap.clamp|clds.template|dev|*||"{'org.onap.clamp|service'}"
-org.onap.clamp|clds.template|dev|read|Onap Clamp Dev Read Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
-org.onap.clamp|clds.template|dev|update|Onap Clamp Dev Update Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
-org.onap.clamp|clds.tosca|dev|*||"{'org.onap.clamp|service'}"
-org.onap.clamp|clds.policies|dev|*||"{'org.onap.clamp|service'}"
-org.onap.clampdemo|access|*|*|ClampDemo Write Access|{'org.onap.clampdemo.admin'}
-org.onap.clampdemo|access|*|read|ClampDemo Read Access|{'org.onap.clampdemo.owner'}
-org.onap.clamptest|access|*|*|Onap Write Access|{'org.onap.clamptest.admin'}
-org.onap.clamptest|access|*|read|Onap Read Access|{'org.onap.clamptest.owner'}
-org.onap.cli|access|*|*|AAF Namespace Write Access|"{'org.onap.cli|admin', 'org.onap.cli|service'}"
-org.onap.cli|access|*|read|AAF Namespace Read Access|"{'org.onap.cli|owner'}"
-org.onap.cli|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.dcae|access|*|*|AAF Namespace Write Access|"{'org.onap.dcae|admin', 'org.onap.dmaap-bc-topic-mgr|admin', 'org.onap.dmaap-bc|admin'}"
-org.onap.dcae|access|*|read|AAF Namespace Read Access|"{'org.onap.dcae|owner'}"
-org.onap.dcae|certman|local|request,ignoreIPs,showpass||"{'org.onap.dcae|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.dcae|dmaap.topicFactory|:com.att.dcae.dmaap.FTL.mr.topic:com.att.dcae.dmaap.FTL|create||
-org.onap.dcae|dmaap.topicFactory|:null.FTL.mr.topic:null.FTL|create||
-org.onap.dmaap|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap|admin'}"
-org.onap.dmaap|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap|owner'}"
-org.onap.dmaap-bc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc|admin'}"
-org.onap.dmaapbc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaapbc|admin'}"
-org.onap.dmaap.bc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.bc|admin', 'org.onap.dmaap.bc|service'}"
-org.onap.dmaap-bc|access|*|read|AAF Namespace Read Access|"{'org.onap.dcae|admin', 'org.onap.dmaap-bc|owner'}"
-org.onap.dmaap.bc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.bc|owner'}"
-org.onap.dmaapbc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaapbc|owner'}"
-org.onap.dmaap-bc.api|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc.api|admin', 'org.onap.dmaap-bc|admin'}"
-org.onap.dmaap-bc.api|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc.api|owner', 'org.onap.dmaap-bc|admin', 'org.onap.dmaap-bc|service'}"
-org.onap.dmaap-bc.api|bridge|onapdemo|GET||"{'org.onap.dmaap-bc.api|Metrics'}"
-org.onap.dmaap-bc.api|dcaeLocations|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dcaeLocations|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dcaeLocations|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dmaap|boot|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dmaap|boot|GET||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dmaap|boot|POST||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dmaap|boot|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dmaap|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dmaap|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dmaap|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dmaap|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dr_nodes|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dr_nodes|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dr_nodes|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dr_subs|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dr_subs|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|feeds|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|feeds|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|feeds|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|feeds|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|mr_clients|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|mr_clients|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|mr_clusters|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|mr_clusters|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|mr_clusters|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
-org.onap.dmaap-bc.api|topics|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
-org.onap.dmaap-bc.api|topics|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
-org.onap.dmaap-bc.api|topics|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
-org.onap.dmaap-bc.api|topics|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
-org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass||"{'org.onap.dmaap-bc|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.dmaap-bc-mm-prov|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc-mm-prov|admin'}"
-org.onap.dmaap-bc-mm-prov|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc-mm-prov|owner'}"
-org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.dmaap-bc-topic-mgr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc-topic-mgr|admin'}"
-org.onap.dmaap-bc-topic-mgr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc-topic-mgr|owner'}"
-org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.dmaap-dr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-dr|admin'}"
-org.onap.dmaap-dr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-dr|owner'}"
-org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass||"{'org.onap.dmaap-dr|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.dmaap-dr|feed|*|approveSub||"{'org.onap.dmaap-dr|feed.admin'}"
-org.onap.dmaap|dr.feed|*|create||
-org.onap.dmaap-dr|feed|*|create||"{'org.onap.dmaap-dr|feed.admin'}"
-org.onap.dmaap-dr|feed|*|delete||"{'org.onap.dmaap-dr|feed.admin'}"
-org.onap.dmaap-dr|feed|*|edit||"{'org.onap.dmaap-dr|feed.admin'}"
-org.onap.dmaap-dr|feed|*|*||"{'org.onap.dmaap-bc|service', 'org.onap.dmaap-dr|feed.admin'}"
-org.onap.dmaap-dr|feed|*|publish||"{'org.onap.dmaap-dr|feed.admin'}"
-org.onap.dmaap-dr|feed|*|restore||"{'org.onap.dmaap-dr|feed.admin'}"
-org.onap.dmaap-dr|feed|*|subscribe||"{'org.onap.dmaap-dr|feed.admin'}"
-org.onap.dmaap-dr|feed|*|suspend||"{'org.onap.dmaap-dr|feed.admin'}"
-org.onap.dmaap-dr|sub|*|delete||"{'org.onap.dmaap-dr|sub.admin'}"
-org.onap.dmaap-dr|sub|*|edit||"{'org.onap.dmaap-dr|sub.admin'}"
-org.onap.dmaap-dr|sub|*|*||"{'org.onap.dmaap-bc|service', 'org.onap.dmaap-dr|sub.admin'}"
-org.onap.dmaap-dr|sub|*|publish||"{'org.onap.dmaap-dr|sub.admin'}"
-org.onap.dmaap-dr|sub|*|restore||"{'org.onap.dmaap-dr|sub.admin'}"
-org.onap.dmaap-dr|sub|*|suspend||"{'org.onap.dmaap-dr|sub.admin'}"
-org.onap.dmaap.mr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc|service', 'org.onap.dmaap.mr|admin'}"
-org.onap.dmaap-mr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-mr|admin'}"
-org.onap.dmaap-mr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-mr|owner'}"
-org.onap.dmaap.mr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr|owner', 'org.onap.dmaap.mr|service'}"
-org.onap.dmaap.mr.aNewTopic-123450|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aNewTopic-123450|admin'}"
-org.onap.dmaap.mr.aNewTopic-123450|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aNewTopic-123450|owner'}"
-org.onap.dmaap.mr.aNewTopic-123451|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aNewTopic-123451|admin'}"
-org.onap.dmaap.mr.aNewTopic-123451|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aNewTopic-123451|owner'}"
-org.onap.dmaap.mr.aNewTopic-1547667570|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aNewTopic-1547667570|admin'}"
-org.onap.dmaap.mr.aNewTopic-1547667570|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aNewTopic-1547667570|owner'}"
-org.onap.dmaap.mr.aNewTopic-|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aNewTopic-|admin'}"
-org.onap.dmaap.mr.aNewTopic-|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aNewTopic-|owner'}"
-org.onap.dmaap.mr.aTest-1547665517|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547665517|admin'}"
-org.onap.dmaap.mr.aTest-1547665517|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547665517|owner'}"
-org.onap.dmaap.mr.aTest-1547666628|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547666628|admin'}"
-org.onap.dmaap.mr.aTest-1547666628|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547666628|owner'}"
-org.onap.dmaap.mr.aTest-1547666760|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547666760|admin'}"
-org.onap.dmaap.mr.aTest-1547666760|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547666760|owner'}"
-org.onap.dmaap.mr.aTest-1547666950|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547666950|admin'}"
-org.onap.dmaap.mr.aTest-1547666950|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547666950|owner'}"
-org.onap.dmaap.mr.aTest-1547667031|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547667031|admin'}"
-org.onap.dmaap.mr.aTest-1547667031|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547667031|owner'}"
-org.onap.dmaap.mr.aTestTopic-123456|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-123456|admin'}"
-org.onap.dmaap.mr.aTestTopic-123456|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-123456|owner'}"
-org.onap.dmaap.mr.aTestTopic-123457|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-123457|admin'}"
-org.onap.dmaap.mr.aTestTopic-123457|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-123457|owner'}"
-org.onap.dmaap.mr.aTestTopic-1547660509|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547660509|admin'}"
-org.onap.dmaap.mr.aTestTopic-1547660509|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547660509|owner'}"
-org.onap.dmaap.mr.aTestTopic-1547660861|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547660861|admin'}"
-org.onap.dmaap.mr.aTestTopic-1547660861|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547660861|owner'}"
-org.onap.dmaap.mr.aTestTopic-1547661011|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547661011|admin'}"
-org.onap.dmaap.mr.aTestTopic-1547661011|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547661011|owner'}"
-org.onap.dmaap.mr.aTestTopic-1547662122|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547662122|admin'}"
-org.onap.dmaap.mr.aTestTopic-1547662122|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547662122|owner'}"
-org.onap.dmaap.mr.aTestTopic-1547662451|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547662451|admin'}"
-org.onap.dmaap.mr.aTestTopic-1547662451|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547662451|owner'}"
-org.onap.dmaap.mr.aTestTopic-1547664813|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547664813|admin'}"
-org.onap.dmaap.mr.aTestTopic-1547664813|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547664813|owner'}"
-org.onap.dmaap.mr.aTestTopic-1547664928|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547664928|admin'}"
-org.onap.dmaap.mr.aTestTopic-1547664928|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547664928|owner'}"
-org.onap.dmaap.mr.aTestTopic-1547666068|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547666068|admin'}"
-org.onap.dmaap.mr.aTestTopic-1547666068|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547666068|owner'}"
-org.onap.dmaap.mr.aTopic-1547654909|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTopic-1547654909|admin'}"
-org.onap.dmaap.mr.aTopic-1547654909|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTopic-1547654909|owner'}"
-org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.dmaap.mr.dgl000|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.dgl000|admin'}"
-org.onap.dmaap.mr.dgl000|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.dgl000|owner'}"
-org.onap.dmaap.mr.dgl_ready|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.dgl_ready|admin'}"
-org.onap.dmaap.mr.dgl_ready|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.dgl_ready|owner'}"
-org.onap.dmaap.mr.IdentityTopic-12345|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.IdentityTopic-12345|admin'}"
-org.onap.dmaap.mr.IdentityTopic-12345|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.IdentityTopic-12345|owner'}"
-org.onap.dmaap.mr.IdentityTopic-1547839476|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.IdentityTopic-1547839476|admin'}"
-org.onap.dmaap.mr.IdentityTopic-1547839476|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.IdentityTopic-1547839476|owner'}"
-org.onap.dmaap.mr|mirrormaker|*|admin||"{'org.onap.dmaap.mr|mirrormaker.admin'}"
-org.onap.dmaap.mr.mirrormakeragent|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.mirrormakeragent|admin'}"
-org.onap.dmaap.mr.mirrormakeragent|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.mirrormakeragent|owner'}"
-org.onap.dmaap.mr|mirrormaker|*|user||"{'org.onap.dmaap.mr|mirrormaker.user'}"
-org.onap.dmaap.mr.partitionTest-1546033194|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.partitionTest-1546033194|admin'}"
-org.onap.dmaap.mr.partitionTest-1546033194|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.partitionTest-1546033194|owner'}"
-org.onap.dmaap.mr.PM_MAPPER|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.PM_MAPPER|admin'}"
-org.onap.dmaap.mr.PM_MAPPER|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.PM_MAPPER|owner'}"
-org.onap.dmaap.mr.PNF_READY|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.PNF_READY|admin'}"
-org.onap.dmaap.mr.PNF_READY|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.PNF_READY|owner'}"
-org.onap.dmaap.mr.PNF_REGISTRATION|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.PNF_REGISTRATION|admin'}"
-org.onap.dmaap.mr.PNF_REGISTRATION|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.PNF_REGISTRATION|owner'}"
-org.onap.dmaap-mr|saitest|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub||"{'org.onap.dmaap-mr|admin', 'org.onap.dmaap-mr|sai'}"
-org.onap.dmaap-mr.sunil|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-mr.sunil|admin'}"
-org.onap.dmaap-mr.sunil|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-mr.sunil|owner'}"
-org.onap.dmaap-mr.sunil|test|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub||"{'org.onap.dmaap-mr.sunil|admin2'}"
-org.onap.dmaap-mr.test|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-mr.test|admin'}"
-org.onap.dmaap-mr.test|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-mr.test|owner'}"
-org.onap.dmaap.mr.topic-000|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.topic-000|admin'}"
-org.onap.dmaap.mr.topic-000|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.topic-000|owner'}"
-org.onap.dmaap.mr.topic-001|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.topic-001|admin'}"
-org.onap.dmaap.mr.topic-001|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.topic-001|owner'}"
-org.onap.dmaap.mr.topic-002|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.topic-002|admin'}"
-org.onap.dmaap.mr.topic-002|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.topic-002|owner'}"
-org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create,destroy||"{'org.onap.dmaap-bc|service'}"
-org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create||"{'org.onap.dmaap-bc-topic-mgr|client', 'org.onap.dmaap.mr|create'}"
-org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy||"{'org.onap.dmaap-bc-topic-mgr|client', 'org.onap.dmaap.mr|destroy'}"
-org.onap.dmaap.mr|topic|*|*||"{'org.onap.dmaap-bc|service'}"
-org.onap.dmaap.mr|topic|org.onap.dmaap.mr.PM_MAPPER|pub||"{'org.onap.dcae|pnfPublisher'}"
-org.onap.dmaap.mr|topic|org.onap.dmaap.mr.PM_MAPPER|sub||"{'org.onap.dcae|pnfPublisher'}"
-org.onap.dmaap.mr|topictest|*|view||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539200479|pub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539200479|sub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539200479|view||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539201873|pub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539201873|sub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539201873|view||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|pub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|sub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|view||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|pub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|sub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|view||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|pub||"{'org.onap.dcae|pnfPublisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|sub||"{'org.onap.dcae|pnfSubscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|view||"{'org.onap.dcae|pnfPublisher', 'org.onap.dcae|pnfSubscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|pub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|sub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|view||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|pub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|sub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|view||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|pub||"{'org.onap.dmaap.mr.dgl_ready|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|sub||"{'org.onap.dmaap.mr.dgl_ready|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|view||"{'org.onap.dmaap.mr.dgl_ready|publisher', 'org.onap.dmaap.mr.dgl_ready|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1529190699|pub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|pub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|sub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|view||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|pub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|sub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|view||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|pub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|sub||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|view||"{'org.onap.dmaap-mr|Publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest201810100530|pub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|pub||"{'org.onap.dmaap.mr.IdentityTopic-12345|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|sub||"{'org.onap.dmaap.mr.IdentityTopic-12345|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|view||"{'org.onap.dmaap.mr.IdentityTopic-12345|publisher', 'org.onap.dmaap.mr.IdentityTopic-12345|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|pub||"{'org.onap.dmaap.mr.IdentityTopic-1547839476|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|sub||"{'org.onap.dmaap.mr.IdentityTopic-1547839476|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|view||"{'org.onap.dmaap.mr.IdentityTopic-1547839476|publisher', 'org.onap.dmaap.mr.IdentityTopic-1547839476|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|pub||"{'org.onap.dmaap.mr.mirrormakeragent|pub', 'org.onap.dmaap.mr.mirrormakeragent|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|sub||"{'org.onap.dmaap.mr.mirrormakeragent|sub', 'org.onap.dmaap.mr.mirrormakeragent|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|view||"{'org.onap.dmaap.mr.mirrormakeragent|publisher', 'org.onap.dmaap.mr.mirrormakeragent|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mmagent|pub||"{'org.onap.dmaap.mr|mmagent.pub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mmagent|sub||"{'org.onap.dmaap.mr|mmagent.sub', 'org.onap.dmaap.mr|mmagent.sub1'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtest|pub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|pub||"{'org.onap.dmaap.mr|mrtesttopic.pub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|sub||"{'org.onap.dmaap.mr|mrtesttopic.sub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|pub||"{'org.onap.dmaap.mr.PM_MAPPER|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|sub||"{'org.onap.dmaap.mr.PM_MAPPER|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|view||"{'org.onap.dmaap.mr.PM_MAPPER|publisher', 'org.onap.dmaap.mr.PM_MAPPER|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|pub||"{'org.onap.dmaap.mr.PNF_READY|pub', 'org.onap.dmaap.mr.PNF_READY|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|sub||"{'org.onap.dmaap.mr.PNF_READY|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|view||"{'org.onap.dmaap.mr.PNF_READY|pub', 'org.onap.dmaap.mr.PNF_READY|publisher', 'org.onap.dmaap.mr.PNF_READY|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|pub||"{'org.onap.dmaap.mr.PNF_REGISTRATION|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|sub||"{'org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr.PNF_REGISTRATION|subscriber', 'org.onap.dmaap.mr|PNF_REGISTRATION.sub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view||"{'org.onap.dmaap.mr.PNF_REGISTRATION|publisher', 'org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr.PNF_REGISTRATION|subscriber', 'org.onap.dmaap.mr|PNF_REGISTRATION.sub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|pub||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|sub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|view||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|pub||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|sub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|view||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|pub||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|sub||
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|view||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.test1|pub||"{'org.onap.dmaap.mr|test1'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|pub||"{'org.onap.dcae|pnfPublisher', 'org.onap.dmaap.mr.topic-000|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|sub||"{'org.onap.dmaap.mr.topic-000|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|view||"{'org.onap.dcae|pnfPublisher', 'org.onap.dmaap.mr.topic-000|publisher', 'org.onap.dmaap.mr.topic-000|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|pub||"{'org.onap.dmaap.mr.topic-001|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|sub||"{'org.onap.dmaap.mr.topic-001|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|view||"{'org.onap.dmaap.mr.topic-001|publisher', 'org.onap.dmaap.mr.topic-001|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|pub||"{'org.onap.dmaap.mr.topic-002|publisher'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|sub||"{'org.onap.dmaap.mr.topic-002|subscriber'}"
-org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|view||"{'org.onap.dmaap.mr.topic-002|publisher', 'org.onap.dmaap.mr.topic-002|subscriber'}"
-org.onap.dmaap.mr|topic|*|view||"{'org.onap.dmaap-bc|service', 'org.onap.dmaap.mr|view'}"
-org.onap.dmaap.mr|viewtest|*|view||"{'org.onap.dmaap.mr|viewtest'}"
-org.onap.holmes|access|*|*|AAF Namespace Write Access|"{'org.onap.holmes|admin'}"
-org.onap.holmes|access|*|read|AAF Namespace Read Access|"{'org.onap.holmes|owner'}"
-org.onap.holmes-engine-mgmt|access|*|*|AAF Namespace Write Access|"{'org.onap.holmes-engine-mgmt|admin', 'org.onap.holmes-engine-mgmt|service'}"
-org.onap.holmes-engine-mgmt|access|*|read|AAF Namespace Read Access|"{'org.onap.holmes-engine-mgmt|owner'}"
-org.onap.holmes-engine-mgmt|certman|local|request,ignoreIPs,showpass||"{'org.onap.holmes-engine-mgmt|admin', 'org.onap.holmes-engine-mgmt|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.holmes-rule-mgmt|access|*|*|AAF Namespace Write Access|"{'org.onap.holmes-rule-mgmt|admin', 'org.onap.holmes-rule-mgmt|service'}"
-org.onap.holmes-rule-mgmt|access|*|read|AAF Namespace Read Access|"{'org.onap.holmes-rule-mgmt|owner'}"
-org.onap.holmes-rule-mgmt|certman|local|request,ignoreIPs,showpass||"{'org.onap.holmes-rule-mgmt|admin', 'org.onap.holmes-rule-mgmt|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.msb-eag|access|*|*|AAF Namespace Write Access|"{'org.onap.msb-eag|admin', 'org.onap.msb-eag|service'}"
-org.onap.msb-eag|access|*|read|AAF Namespace Read Access|"{'org.onap.msb-eag|owner'}"
-org.onap.msb-eag|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.msb-iag|access|*|*|AAF Namespace Write Access|"{'org.onap.msb-iag|admin', 'org.onap.msb-iag|service'}"
-org.onap.msb-iag|access|*|read|AAF Namespace Read Access|"{'org.onap.msb-iag|owner'}"
-org.onap.msb-iag|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.music|access|*|*|AAF Namespace Write Access|"{'org.onap.music|admin'}"
-org.onap.music|access|*|read|AAF Namespace Read Access|"{'org.onap.music|owner'}"
-org.onap.music|certman|local|request,ignoreIPs,showpass||"{'org.onap.music|admin', 'org.osaaf.aaf|deploy'}"
-org.onap.nbi|access|*|*|AAF Namespace Write Access|"{'org.onap.nbi|admin', 'org.onap.nbi|service'}"
-org.onap.nbi|access|*|read|AAF Namespace Read Access|"{'org.onap.nbi|owner'}"
-org.onap.nbi|certman|local|request,ignoreIPs,showpass||"{'org.onap.nbi|admin', 'org.onap.nbi|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.ngi|access|*|*|AAF Namespace Write Access|"{'org.onap.ngi|admin'}"
-org.onap.ngi|access|*|read|AAF Namespace Read Access|"{'org.onap.ngi|owner'}"
-org.onap.oof|access|*|*|AAF Namespace Write Access|"{'org.onap.oof|admin'}"
-org.onap.oof|access|*|read|AAF Namespace Read Access|"{'org.onap.oof|owner'}"
-org.onap.oof|certman|local|request,ignoreIPs,showpass||"{'org.onap.oof|admin', 'org.onap.sdc|admin', 'org.osaaf.aaf|deploy'}"
-org.onap.policy|access|*|*|AAF Namespace Write Access|"{'org.onap.policy|admin', 'org.onap.policy|pdpd.admin'}"
-org.onap.policy|access|*|read|AAF Namespace Read Access|"{'org.onap.policy|owner', 'org.onap.policy|pdpd.admin'}"
-org.onap.policy|certman|local|request,ignoreIPs,showpass||"{'org.onap.policy|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.policy|menu|menu_admin|*|Admin Menu|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_ajax|*|Ajax Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_concept|*|CoNCEPT|
-org.onap.policy|menu|menu_customer_create|*|Customer Create|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_customer|*|Customer Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_doclib|*|Document Library Menu|
-org.onap.policy|menu|menu_feedback|*|Feedback Menu|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_help|*|Help Menu|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_home|*|Home Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_itracker|*|iTracker Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_job_create|*|Job Create|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_job_designer|*|Process in Designer view|
-org.onap.policy|menu|menu_job|*|Job Menu|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_logout|*|Logout Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_map|*|Map Menu|"{'org.onap.policy|Standard_User'}"
-org.onap.policy|menu|menu_notes|*|Notes Menu|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_policy|*|Policy|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Guest', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Policy_Super_Guest', 'org.onap.policy|Standard_User'}"
-org.onap.policy|menu|menu_process|*|Process List|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_profile_create|*|Profile Create|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_profile_import|*|Profile Import|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_profile|*|Profile Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_reports|*|Reports Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_sample|*|Sample Pages Menu|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_tab|*|Sample Tab Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|menu|menu_task_search|*|Task Search|
-org.onap.policy|menu|menu_task|*|Task Menu|
-org.onap.policy|menu|menu_test|*|Test Menu|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|pdpd.healthcheck.configuration|*|get||"{'org.onap.policy|pdpd.admin'}"
-org.onap.policy|pdpd.healthcheck|*|get||"{'org.onap.policy|pdpd.admin', 'org.onap.policy|pdpd.monitor'}"
-org.onap.policy|pdpd.telemetry|*|delete||"{'org.onap.policy|pdpd.admin'}"
-org.onap.policy|pdpd.telemetry|*|get||"{'org.onap.policy|pdpd.admin', 'org.onap.policy|pdpd.monitor'}"
-org.onap.policy|pdpd.telemetry|*|post||"{'org.onap.policy|pdpd.admin'}"
-org.onap.policy|pdpd.telemetry|*|put||"{'org.onap.policy|pdpd.admin'}"
-org.onap.policy|pdpx.config|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.createDictionary|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.createPolicy|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.decision|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.getConfigByPolicyName|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.getConfig|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.getDecision|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.getDictionary|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.getMetrics|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.listConfig|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.list|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.listPolicy|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.policyEngineImport|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.pushPolicy|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.sendEvent|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.updateDictionary|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|pdpx.updatePolicy|*|*||"{'org.onap.policy|pdpx.admin'}"
-org.onap.policy|url|doclib_admin|*|Document Library Admin|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|url|doclib|*|Document Library|"{'org.onap.policy|System_Administrator'}"
-org.onap.policy|url|login|*|Login|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
-org.onap.policy|url|policy_admin|*|Policy Admin|"{'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Standard_User'}"
-org.onap.policy|url|policy_dashboard|*|Policy Dashboard|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Guest', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Policy_Super_Guest', 'org.onap.policy|Standard_User'}"
-org.onap.policy|url|policy_dictionary|*|Policy Dictionary|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Standard_User'}"
-org.onap.policy|url|policy_editor|*|Policy Editor|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Guest', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Policy_Super_Guest', 'org.onap.policy|Standard_User'}"
-org.onap.policy|url|policy_pdp|*|Policy PDP|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Guest', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Policy_Super_Guest', 'org.onap.policy|Standard_User'}"
-org.onap.policy|url|policy_push|*|Policy Push|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Standard_User'}"
-org.onap.policy|url|policy_roles|*|Policy Roles|"{'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Standard_User'}"
-org.onap.policy|url|view_reports|*|View Raptor reports|
-org.onap.pomba|access|*|*|AAF Namespace Write Access|"{'org.onap.pomba|admin'}"
-org.onap.pomba|access|*|read|AAF Namespace Read Access|"{'org.onap.pomba|owner'}"
-org.onap.pomba|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.portal|access|*|*|Portal Write Access|{'org.onap.portal.admin'}
-org.onap.portal|access|*|read|Portal Read Access|
-org.onap.portal|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.portal|menu|menu_acc_admin|*|Admin Account Menu|"{'org.onap.portal|Account_Administrator', 'org.onap.portal|System_Administrator'}"
-org.onap.portal|menu|menu_admin|*|Admin Menu|"{'org.onap.portal|System_Administrator', 'org.onap.portal|Usage_Analyst'}"
-org.onap.portal|menu|menu_ajax|*|Ajax Menu|
-org.onap.portal|menu|menu_customer_create|*|Customer Create|
-org.onap.portal|menu|menu_customer|*|Customer Menu|
-org.onap.portal|menu|menu_feedback|*|Feedback Menu|
-org.onap.portal|menu|menu_help|*|Help Menu|
-org.onap.portal|menu|menu_home|*|Home Menu|"{'org.onap.portal|Standard_User', 'org.onap.portal|System_Administrator'}"
-org.onap.portal|menu|menu_job_create|*|Job Create|
-org.onap.portal|menu|menu_job_designer|*|Process in Designer view|
-org.onap.portal|menu|menu_job|*|Job Menu|
-org.onap.portal|menu|menu_logout|*|Logout Menu|"{'org.onap.portal|Standard_User', 'org.onap.portal|System_Administrator'}"
-org.onap.portal|menu|menu_map|*|Map Menu|
-org.onap.portal|menu|menu_notes|*|Notes Menu|
-org.onap.portal|menu|menu_process|*|Process List|
-org.onap.portal|menu|menu_profile_create|*|Profile Create|
-org.onap.portal|menu|menu_profile_import|*|Profile Import|
-org.onap.portal|menu|menu_profile|*|Profile Menu|
-org.onap.portal|menu|menu_reports|*|Reports Menu|
-org.onap.portal|menu|menu_sample|*|Sample Pages Menu|
-org.onap.portal|menu|menu_tab|*|Sample Tab Menu|
-org.onap.portal|menu|menu_task_search|*|Task Search|"{'org.onap.portal|Usage_Analyst'}"
-org.onap.portal|menu|menu_task|*|Task Menu|"{'org.onap.portal|Usage_Analyst'}"
-org.onap.portal|menu|menu_web_analytics|*|Web Analytics|"{'org.onap.portal|Portal_Usage_Analyst', 'org.onap.portal|Usage_Analyst'}"
-org.onap.portal.test|aaaa|*|write||
-org.onap.portal.test|access1|*|read||
-org.onap.portal.test|access|*|*|AAF Namespace Write Access|"{'org.onap.portal.test|admin'}"
-org.onap.portal.test|access|*|read|AAF Namespace Read Access|"{'org.onap.portal.test|owner'}"
-org.onap.portal.test|myaccess|*|read||
-org.onap.portal.test|user1.access|*|read||
-org.onap.portal.test|user1.myaccess|*|read||
-org.onap.portal|url|addWebAnalyticsReport|*|Add Web Analytics Report|
-org.onap.portal|url|appsFullList|*|Apps Full List|
-org.onap.portal|url|centralizedApps|*|Centralized Apps|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|edit_notification|*|User Notification|"{'org.onap.portal|Portal_Notification_Admin'}"
-org.onap.portal|url|functionalMenu|*|Functional Menu|
-org.onap.portal|url|getAdminNotifications|*|Admin Notifications|"{'org.onap.portal|Account_Administrator', 'org.onap.portal|Portal_Notification_Admin'}"
-org.onap.portal|url|getAllWebAnalytics|*|Get All Web Analytics|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|getFunctionalMenuRole|*|Get Functional Menu Role|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|getNotificationAppRoles|*|Get Notification App Roles|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|get_role_functions%2f%2a|*|Get Role Functions|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|get_roles%2f%2a|*|getRolesOfApp|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|getUserAppsWebAnalytics|*|Get User Apps Web Analytics|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|getUserJourneyAnalyticsReport|*|Get User Journey Report|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|login|*|Login|"{'org.onap.portal|Standard_User', 'org.onap.portal|System_Administrator'}"
-org.onap.portal|url|notification_code|*|Notification Code|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|role_function_list%2fsaveRoleFunction%2f%2a|*|Save Role Function|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|saveNotification|*|publish notifications|"{'org.onap.portal|Portal_Notification_Admin'}"
-org.onap.portal|url|syncRoles|*|SyncRoles|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|url_role.htm|*|role page|
-org.onap.portal|url|url_welcome.htm|*|welcome page|
-org.onap.portal|url|userAppRoles|*|userAppRoles|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|userApps|*|User Apps|"{'org.onap.portal|Account_Administrator'}"
-org.onap.portal|url|view_reports|*|View Raptor reports|
-org.onap.refrepo|access|*|*|AAF Namespace Write Access|"{'org.onap.refrepo|admin', 'org.onap.refrepo|service'}"
-org.onap.refrepo|access|*|read|AAF Namespace Read Access|"{'org.onap.refrepo|owner'}"
-org.onap.refrepo|certman|local|request,ignoreIPs,showpass||"{'org.onap.refrepo|admin', 'org.onap.refrepo|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.sdc|access|*|*|AAF Namespace Write Access|"{'org.onap.sdc|admin'}"
-org.onap.sdc|access|*|read|AAF Namespace Read Access|"{'org.onap.sdc|owner'}"
-org.onap.sdc|administrator.access|*|*||"{'org.onap.sdc|admin'}"
-org.onap.sdc|certman|local|request,ignoreIPs,showpass||"{'org.onap.sdc|admin', 'org.osaaf.aaf|deploy'}"
-org.onap.sdc|designer.access|*|*||"{'org.onap.sdc|designer'}"
-org.onap.sdc|governance.access|*|*||"{'org.onap.sdc|governor'}"
-org.onap.sdc|operations.access|*|*||"{'org.onap.sdc|ops'}"
-org.onap.sdc|tester.access|*|*||"{'org.onap.sdc|tester'}"
-org.onap.sdnc|access|*|*|AAF Namespace Write Access|"{'org.onap.sdnc|admin'}"
-org.onap.sdnc|access|*|read|AAF Namespace Read Access|"{'org.onap.sdnc|owner'}"
-org.onap.sdnc-cds|access|*|*|AAF Namespace Write Access|"{'org.onap.sdnc-cds|admin', 'org.onap.sdnc-cds|service'}"
-org.onap.sdnc-cds|access|*|read|AAF Namespace Read Access|"{'org.onap.sdnc-cds|owner'}"
-org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.sdnc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.sdnc|odl|odl-api|create||"{'org.onap.sdnc|service'}"
-org.onap.sdnc|odl|odl-api|delete||"{'org.onap.sdnc|service'}"
-org.onap.sdnc|odl|odl-api|*||"{'org.onap.sdnc|admin', 'org.onap.sdnc|service'}"
-org.onap.sdnc|odl|odl-api|read||"{'org.onap.sdnc|service'}"
-org.onap.sdnc|odl|odl-api|update||"{'org.onap.sdnc|service'}"
-org.onap.so|access|*|*|AAF Namespace Write Access|"{'org.onap.so|admin', 'org.onap.so|app'}"
-org.onap.so|access|*|read|AAF Namespace Read Access|"{'org.onap.so|owner'}"
-org.onap.so|certman|local|request,ignoreIPs,showpass||"{'org.onap.so|admin', 'org.onap.so|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.onap.vfc|access|*|*|AAF Namespace Write Access|"{'org.onap.vfc|admin', 'org.onap.vfc|service'}"
-org.onap.vfc|access|*|read|AAF Namespace Read Access|"{'org.onap.vfc|owner'}"
-org.onap.vfc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.vid1|access|*|*|AAF Namespace Write Access|"{'org.onap.vid1|admin'}"
-org.onap.vid1|access|*|read|AAF Namespace Read Access|"{'org.onap.vid1|owner'}"
-org.onap.vid1|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.vid2|access|*|*|AAF Namespace Write Access|"{'org.onap.vid2|admin'}"
-org.onap.vid2|access|*|read|AAF Namespace Read Access|"{'org.onap.vid2|owner'}"
-org.onap.vid2|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.vid|access|*|*|AAF Namespace Write Access|"{'org.onap.vid|admin'}"
-org.onap.vid|access|*|read|AAF Namespace Read Access|"{'org.onap.vid|owner'}"
-org.onap.vid|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.onap.vid|menu|menu_admin|*|Admin Menu|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_ajax|*|Ajax Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_changemanagement|*|VNF Changes|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_concept|*|CoNCEPT|
-org.onap.vid|menu|menu_customer_create|*|Customer Create|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_customer|*|Customer Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_doclib|*|Document Library Menu|
-org.onap.vid|menu|menu_feedback|*|Feedback Menu|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_help|*|Help Menu|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_home|*|Home Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_itracker|*|iTracker Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_job_create|*|Job Create|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_job_designer|*|Process in Designer view|
-org.onap.vid|menu|menu_job|*|Job Menu|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_logout|*|Logout Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_map|*|Map Menu|"{'org.onap.vid|Standard_User'}"
-org.onap.vid|menu|menu_newserinstance|*|Create New Service Instance|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_notes|*|Notes Menu|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_process|*|Process List|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_profile_create|*|Profile Create|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_profile_import|*|Profile Import|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_profile|*|Profile Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_reports|*|Reports Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_sample|*|Sample Pages Menu|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_searchexisting|*|Search for Existing Service Instances|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_servicemodels|*|Browse SDC Service Instances|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_tab|*|Sample Tab Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_task_search|*|Task Search|
-org.onap.vid|menu|menu_task|*|Task Menu|
-org.onap.vid|menu|menu_test|*|Test Menu|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|menu|menu_viewlog|*|Log Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|url|doclib_admin|*|Document Library Admin|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|url|doclib|*|Document Library|"{'org.onap.vid|System_Administrator'}"
-org.onap.vid|url|login|*|Login|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
-org.onap.vid|url|view_reports|*|View Raptor reports|
-org.onap.uui|access|*|*|AAF Namespace Write Access|"{'org.onap.uui|admin', 'org.onap.uui|service'}"
-org.onap.uui|access|*|read|AAF Namespace Read Access|"{'org.onap.uui|owner'}"
-org.onap.uui|certman|local|request,ignoreIPs,showpass||"{'org.onap.uui|admin', 'org.onap.uui|seeCerts', 'org.osaaf.aaf|deploy'}"
-org.openecomp|access|*|*|OpenEcomp Write Access|{'org.openecomp.admin'}
-org.openecomp|access|*|read|OpenEcomp Read Access|{'org.openecomp.owner'}
-org.openecomp.dmaapBC|access|*|*|DMaap Write Access|{'org.openecomp.dmaapBC.admin'}
-org.openecomp.dmaapBC|access|*|read|DMaap Read Access|{'org.openecomp.dmaapBC.owner'}
-org.osaaf.aaf|access|*|*|AAF Write Access|{'org.osaaf.aaf.admin'}
-org.osaaf.aaf|access|*|read,approve|AAF Read Access|{'org.osaaf.aaf.owner'}
-org.osaaf.aaf|cache|all|clear||"{'org.osaaf.aaf|admin'}"
-org.osaaf.aaf|cache|*|clear||"{'org.osaaf.aaf|admin', 'org.osaaf.aaf|service'}"
-org.osaaf.aaf|cache|role|clear||"{'org.osaaf.aaf|admin'}"
-org.osaaf.aaf|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
-org.osaaf.aaf|password|*|create,reset||"{'org.osaaf.aaf|admin'}"
-org.osaaf|access|*|*|OSAAF Write Access|{'org.osaaf.admin'}
-org.osaaf|access|*|read,appove|OSAAF Read Access|{'org.osaaf.owner'}
-org.osaaf.people|access|*|*|AAF Namespace Write Access|"{'org.osaaf.people|admin'}"
-org.osaaf.people|access|*|read|AAF Namespace Read Access|"{'org.osaaf.people|owner'}"
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat
deleted file mode 100644
index 111b94e6a8..0000000000
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat
+++ /dev/null
@@ -1,352 +0,0 @@
-org|admin|Org Admins|"{'org.access|*|*'}"
-org.onap.a1p|admin|AAF Namespace Administrators|"{'org.onap.a1p|access|*|*'}"
-org.onap.a1p|owner|AAF Namespace Owners|"{'org.onap.a1p|access|*|read'}"
-org.onap.a1p|service||"{'org.onap.a1p|access|*|*'}"
-org.onap.aaf-sms|admin|AAF Namespace Administrators|"{'org.onap.aaf-sms|access|*|*'}"
-org.onap.aaf-sms|owner|AAF Namespace Owners|"{'org.onap.aaf-sms|access|*|read'}"
-org.onap.aaf-sms|service||"{'org.onap.aaf-sms|access|*|read'}"
-org.onap.aai|aaiui||
-org.onap.aai|Account_Administrator||
-org.onap.aai|admin|AAF Namespace Administrators|"{'org.onap.aai|access|*|*'}"
-org.onap.aai|owner|AAF Namespace Owners|"{'org.onap.aai|access|*|read'}"
-org.onap.aai|resources_all|resources_all|"{'org.onap.aai|resources|*|delete', 'org.onap.aai|resources|*|get', 'org.onap.aai|resources|*|patch', 'org.onap.aai|resources|*|post', 'org.onap.aai|resources|*|put'}"
-org.onap.aai|resources_readonly|resources_readonly|"{'org.onap.aai|resources|*|get'}"
-org.onap.aai|traversal_advanced|traversal_advanced|"{'org.onap.aai|traversal|*|advanced'}"
-org.onap.aai|traversal_basic|traversal_basic|"{'org.onap.aai|traversal|*|basic'}"
-org.onap.aai-resources|admin|AAF Namespace Administrators|"{'org.onap.aai-resources|access|*|*'}"
-org.onap.aai-resources|owner|AAF Namespace Owners|"{'org.onap.aai-resources|access|*|read'}"
-org.onap.aai-resources|service||"{'org.onap.aai-resources|access|*|*'}"
-org.onap.aai-schema-service|admin|AAF Namespace Administrators|"{'org.onap.aai-schema-service|access|*|*'}"
-org.onap.aai-schema-service|owner|AAF Namespace Owners|"{'org.onap.aai-schema-service|access|*|read'}"
-org.onap.aai-schema-service|service||"{'org.onap.aai-schema-service|access|*|*'}"
-org.onap.aai-traversal|admin|AAF Namespace Administrators|"{'org.onap.aai-traversal|access|*|*'}"
-org.onap.aai-traversal|owner|AAF Namespace Owners|"{'org.onap.aai-traversal|access|*|read'}"
-org.onap.aai-traversal|service||"{'org.onap.aai-traversal|access|*|*'}"
-org.onap|admin|Onap Admins|"{'org.onap.access|*|*'}"
-org.onap.appc|admin|AAF Namespace Administrators|"{'org.onap.appc|access|*|*'}"
-org.onap.appc|apidoc||"{'org.onap.appc|apidoc|/apidoc/.*|ALL'}"
-org.onap.appc|jolokia||
-org.onap.appc|odl|Onap APPC ODL Admins|"{'org.onap.appc.odl|odl-api|*'}"
-org.onap.appc|owner|AAF Namespace Owners|"{'org.onap.appc|access|*|read'}"
-org.onap.appc|restconf||"{'org.onap.appc|restconf|/restconf/.*|ALL'}"
-org.onap.appc|service||"{'org.onap.appc|access|*|*'}"
-org.onap.appc-cdt|admin|AAF Namespace Administrators|"{'org.onap.appc-cdt|access|*|*'}"
-org.onap.appc-cdt|owner|AAF Namespace Owners|"{'org.onap.appc-cdt|access|*|read'}"
-org.onap.appc-cdt|service||"{'org.onap.appc-cdt|access|*|*'}"
-org.onap.cds|admin|AAF Namespace Administrators|"{'org.onap.cds|access|*|*'}"
-org.onap.cds|owner|AAF Namespace Owners|"{'org.onap.cds|access|*|read'}"
-org.onap.clamp|admin|AAF Namespace Administrators|"{'org.onap.clamp|access|*|*', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass'}"
-org.onap.clamp|clds.admin.dev|Onap clamp Admin Dev|"{'org.onap.clamp.clds.template|dev|update', 'org.onap.clamp|clds.cl|dev|read', 'org.onap.clamp|clds.cl|dev|update', 'org.onap.clamp|clds.template|dev|read', 'org.onap.clamp|clds.template|dev|update'}"
-org.onap.clamp|clds.designer.dev|Onap clamp Designer Dev|"{'org.onap.clamp.clds.template|dev|update'}"
-org.onap.clamp|clds.vf_filter_all.dev|Onap clamp Filter All Dev|"{'org.onap.clamp.clds.filter.vf|dev|*'}"
-org.onap.clampdemo|admin|Onap Clamp Test Admins|"{'org.onap.clampdemo.access|*|*'}"
-org.onap.clampdemo|owner|onap clamp Test Owners|"{'org.onap.clampdemo.access|*|read'}"
-org.onap.clamp|owner|AAF Namespace Owners|
-org.onap.clamp|seeCerts||"{'org.onap.clamp|certman|local|request,ignoreIPs,showpass'}"
-org.onap.clamp|service||"{'org.onap.clamp|access|*|*', 'org.onap.clamp|clds.cl.manage|dev|*', 'org.onap.clamp|clds.cl|dev|*', 'org.onap.clamp|clds.filter.vf|dev|*', 'org.onap.clamp|clds.template|dev|*', 'org.onap.clamp|clds.tosca|dev|*', 'org.onap.clamp|clds.policies|dev|*'}"
-org.onap.clamptest|admin|Onap Clamp Test Admins|"{'org.onap.clamptest.access|*|*'}"
-org.onap.clamptest|owner|onap clamp Test Owners|"{'org.onap.clamptest.access|*|read'}"
-org.onap.cli|admin|AAF Namespace Administrators|"{'org.onap.cli|access|*|*'}"
-org.onap.cli|owner|AAF Namespace Owners|"{'org.onap.cli|access|*|read'}"
-org.onap.cli|service||"{'org.onap.cli|access|*|*'}"
-org.onap.dcae|admin|AAF Namespace Administrators|"{'org.onap.dcae|access|*|*', 'org.onap.dmaap-bc|access|*|read'}"
-org.onap.dcae|owner|AAF Namespace Owners|"{'org.onap.dcae|access|*|read'}"
-org.onap.dcae|pmPublisher||
-org.onap.dcae|pmSubscriber||
-org.onap.dcae|pnfPublisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|view', 'org.onap.dmaap.mr|topic|org.onap.dmaap.mr.PM_MAPPER|pub', 'org.onap.dmaap.mr|topic|org.onap.dmaap.mr.PM_MAPPER|sub'}"
-org.onap.dcae|pnfSubscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|view'}"
-org.onap.dcae|seeCerts||"{'org.onap.dcae|certman|local|request,ignoreIPs,showpass'}"
-org.onap.dmaap|admin|AAF Namespace Administrators|"{'org.onap.dmaap|access|*|*'}"
-org.onap.dmaap-bc|admin|AAF Namespace Administrators|"{'org.onap.dcae|access|*|*', 'org.onap.dmaap-bc.api|access|*|*', 'org.onap.dmaap-bc.api|access|*|read', 'org.onap.dmaap-bc|access|*|*'}"
-org.onap.dmaap.bc|admin|AAF Namespace Administrators|"{'org.onap.dmaap.bc|access|*|*'}"
-org.onap.dmaapbc|admin|AAF Namespace Administrators|"{'org.onap.dmaapbc|access|*|*'}"
-org.onap.dmaap-bc.api|admin|AAF Namespace Administrators|"{'org.onap.dmaap-bc.api|access|*|*'}"
-org.onap.dmaap-bc.api|Controller||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|POST', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|PUT', 'org.onap.dmaap-bc.api|dmaap|boot|DELETE', 'org.onap.dmaap-bc.api|dmaap|boot|GET', 'org.onap.dmaap-bc.api|dmaap|boot|POST', 'org.onap.dmaap-bc.api|dmaap|boot|PUT', 'org.onap.dmaap-bc.api|dmaap|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|POST', 'org.onap.dmaap-bc.api|dmaap|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|DELETE', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|PUT', 'org.onap.dmaap-bc.api|topics|onapdemo|DELETE', 'org.onap.dmaap-bc.api|topics|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|POST', 'org.onap.dmaap-bc.api|topics|onapdemo|PUT'}"
-org.onap.dmaap-bc.api|Inventory||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
-org.onap.dmaap-bc.api|Metrics||"{'org.onap.dmaap-bc.api|bridge|onapdemo|GET', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
-org.onap.dmaap-bc.api|Orchestrator||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|DELETE', 'org.onap.dmaap-bc.api|topics|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|POST', 'org.onap.dmaap-bc.api|topics|onapdemo|PUT'}"
-org.onap.dmaap-bc.api|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc.api|access|*|read'}"
-org.onap.dmaap-bc.api|PortalUser||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|DELETE', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
-org.onap.dmaap-bc-mm-prov|admin|AAF Namespace Administrators|"{'org.onap.dmaap-bc-mm-prov|access|*|*'}"
-org.onap.dmaap-bc-mm-prov|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc-mm-prov|access|*|read'}"
-org.onap.dmaap-bc|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc|access|*|read'}"
-org.onap.dmaap.bc|owner|AAF Namespace Owners|"{'org.onap.dmaap.bc|access|*|read'}"
-org.onap.dmaapbc|owner|AAF Namespace Owners|"{'org.onap.dmaapbc|access|*|read'}"
-org.onap.dmaap-bc|seeCerts||"{'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass'}"
-org.onap.dmaap.bc|service||"{'org.onap.dmaap.bc|access|*|*'}"
-org.onap.dmaap-bc|service||"{'org.onap.dmaap-bc.api|access|*|read', 'org.onap.dmaap-dr|feed|*|*', 'org.onap.dmaap-dr|sub|*|*', 'org.onap.dmaap.mr|access|*|*', 'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create,destroy', 'org.onap.dmaap.mr|topic|*|*', 'org.onap.dmaap.mr|topic|*|view'}"
-org.onap.dmaap-bc-topic-mgr|admin|AAF Namespace Administrators|"{'org.onap.dcae|access|*|*', 'org.onap.dmaap-bc-topic-mgr|access|*|*'}"
-org.onap.dmaap-bc-topic-mgr|client||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create', 'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy'}"
-org.onap.dmaap-bc-topic-mgr|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc-topic-mgr|access|*|read'}"
-org.onap.dmaap-dr|admin|AAF Namespace Administrators|"{'org.onap.dmaap-dr|access|*|*'}"
-org.onap.dmaap-dr|feed.admin||"{'org.onap.dmaap-dr|feed|*|*'}"
-org.onap.dmaap-dr|owner|AAF Namespace Owners|"{'org.onap.dmaap-dr|access|*|read'}"
-org.onap.dmaap-dr|seeCerts||"{'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass'}"
-org.onap.dmaap-dr|sub.admin||"{'org.onap.dmaap-dr|sub|*|*'}"
-org.onap.dmaap.mr|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr|access|*|*'}"
-org.onap.dmaap-mr|admin|AAF Namespace Administrators|"{'org.onap.dmaap-mr|access|*|*', 'org.onap.dmaap-mr|saitest|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub'}"
-org.onap.dmaap.mr.aNewTopic-123450|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aNewTopic-123450|access|*|*'}"
-org.onap.dmaap.mr.aNewTopic-123450|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aNewTopic-123450|access|*|read'}"
-org.onap.dmaap.mr.aNewTopic-123450|publisher||
-org.onap.dmaap.mr.aNewTopic-123450|subscriber||
-org.onap.dmaap.mr.aNewTopic-123451|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aNewTopic-123451|access|*|*'}"
-org.onap.dmaap.mr.aNewTopic-123451|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aNewTopic-123451|access|*|read'}"
-org.onap.dmaap.mr.aNewTopic-123451|publisher||
-org.onap.dmaap.mr.aNewTopic-123451|subscriber||
-org.onap.dmaap.mr.aNewTopic-1547667570|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aNewTopic-1547667570|access|*|*'}"
-org.onap.dmaap.mr.aNewTopic-1547667570|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aNewTopic-1547667570|access|*|read'}"
-org.onap.dmaap.mr|aNewTopic-1547667571.publisher||
-org.onap.dmaap.mr|aNewTopic-1547667571.subscriber||
-org.onap.dmaap.mr.aNewTopic-|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aNewTopic-|access|*|*'}"
-org.onap.dmaap.mr.aNewTopic-|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aNewTopic-|access|*|read'}"
-org.onap.dmaap.mr.aNewTopic-|publisher||
-org.onap.dmaap.mr.aNewTopic-|subscriber||
-org.onap.dmaap.mr.aTest-1547665517|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547665517|access|*|*'}"
-org.onap.dmaap.mr.aTest-1547665517|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547665517|access|*|read'}"
-org.onap.dmaap.mr.aTest-1547665517|publisher||
-org.onap.dmaap.mr|aTest-1547665518.subscriber||
-org.onap.dmaap.mr.aTest-1547666628|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547666628|access|*|*'}"
-org.onap.dmaap.mr.aTest-1547666628|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547666628|access|*|read'}"
-org.onap.dmaap.mr|aTest-1547666629.publisher||
-org.onap.dmaap.mr|aTest-1547666629.subscriber||
-org.onap.dmaap.mr.aTest-1547666760|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547666760|access|*|*'}"
-org.onap.dmaap.mr.aTest-1547666760|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547666760|access|*|read'}"
-org.onap.dmaap.mr|aTest-1547666761.publisher||
-org.onap.dmaap.mr|aTest-1547666761.subscriber||
-org.onap.dmaap.mr.aTest-1547666950|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547666950|access|*|*'}"
-org.onap.dmaap.mr.aTest-1547666950|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547666950|access|*|read'}"
-org.onap.dmaap.mr.aTest-1547666950|publisher||
-org.onap.dmaap.mr|aTest-1547666951.subscriber||
-org.onap.dmaap.mr.aTest-1547667031|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547667031|access|*|*'}"
-org.onap.dmaap.mr.aTest-1547667031|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547667031|access|*|read'}"
-org.onap.dmaap.mr|aTest-1547667032.publisher||
-org.onap.dmaap.mr|aTest-1547667032.subscriber||
-org.onap.dmaap.mr.aTestTopic-123456|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-123456|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-123456|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-123456|access|*|read'}"
-org.onap.dmaap.mr.aTestTopic-123456|publisher||
-org.onap.dmaap.mr.aTestTopic-123456|subscriber||
-org.onap.dmaap.mr.aTestTopic-123457|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-123457|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-123457|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-123457|access|*|read'}"
-org.onap.dmaap.mr.aTestTopic-123457|publisher||
-org.onap.dmaap.mr.aTestTopic-123457|subscriber||
-org.onap.dmaap.mr.aTestTopic-1547660509|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547660509|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-1547660509|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547660509|access|*|read'}"
-org.onap.dmaap.mr.aTestTopic-1547660861|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547660861|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-1547660861|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547660861|access|*|read'}"
-org.onap.dmaap.mr.aTestTopic-1547661011|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547661011|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-1547661011|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547661011|access|*|read'}"
-org.onap.dmaap.mr.aTestTopic-1547661011|publisher||
-org.onap.dmaap.mr.aTestTopic-1547662122|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547662122|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-1547662122|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547662122|access|*|read'}"
-org.onap.dmaap.mr.aTestTopic-1547662122|publisher||
-org.onap.dmaap.mr.aTestTopic-1547662451|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547662451|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-1547662451|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547662451|access|*|read'}"
-org.onap.dmaap.mr|aTestTopic-1547662452.publisher||
-org.onap.dmaap.mr.aTestTopic-1547664813|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547664813|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-1547664813|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547664813|access|*|read'}"
-org.onap.dmaap.mr.aTestTopic-1547664813|publisher||
-org.onap.dmaap.mr.aTestTopic-1547664813|subscriber||
-org.onap.dmaap.mr.aTestTopic-1547664928|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547664928|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-1547664928|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547664928|access|*|read'}"
-org.onap.dmaap.mr.aTestTopic-1547664928|publisher||
-org.onap.dmaap.mr.aTestTopic-1547664928|subscriber||
-org.onap.dmaap.mr.aTestTopic-1547666068|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547666068|access|*|*'}"
-org.onap.dmaap.mr.aTestTopic-1547666068|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547666068|access|*|read'}"
-org.onap.dmaap.mr.aTopic-1547654909|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTopic-1547654909|access|*|*'}"
-org.onap.dmaap.mr.aTopic-1547654909|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTopic-1547654909|access|*|read'}"
-org.onap.dmaap.mr|create||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create'}"
-org.onap.dmaap.mr|destroy||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy'}"
-org.onap.dmaap.mr.dgl000|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.dgl000|access|*|*'}"
-org.onap.dmaap.mr.dgl000|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.dgl000|access|*|read'}"
-org.onap.dmaap.mr.dgl000|publisher||
-org.onap.dmaap.mr.dgl000|subscriber||
-org.onap.dmaap.mr.dgl_ready|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.dgl_ready|access|*|*'}"
-org.onap.dmaap.mr.dgl_ready|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.dgl_ready|access|*|read'}"
-org.onap.dmaap.mr.dgl_ready|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|view'}"
-org.onap.dmaap.mr.dgl_ready|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|view'}"
-org.onap.dmaap.mr.IdentityTopic-12345|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.IdentityTopic-12345|access|*|*'}"
-org.onap.dmaap.mr.IdentityTopic-12345|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.IdentityTopic-12345|access|*|read'}"
-org.onap.dmaap.mr.IdentityTopic-12345|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|view'}"
-org.onap.dmaap.mr.IdentityTopic-12345|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|view'}"
-org.onap.dmaap.mr.IdentityTopic-1547839476|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.IdentityTopic-1547839476|access|*|*'}"
-org.onap.dmaap.mr.IdentityTopic-1547839476|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.IdentityTopic-1547839476|access|*|read'}"
-org.onap.dmaap.mr.IdentityTopic-1547839476|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|view'}"
-org.onap.dmaap.mr.IdentityTopic-1547839476|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|view'}"
-org.onap.dmaap.mr|mirrormaker.admin||"{'org.onap.dmaap.mr|mirrormaker|*|admin'}"
-org.onap.dmaap.mr.mirrormakeragent|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.mirrormakeragent|access|*|*'}"
-org.onap.dmaap.mr.mirrormakeragent|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.mirrormakeragent|access|*|read'}"
-org.onap.dmaap.mr.mirrormakeragent|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|view'}"
-org.onap.dmaap.mr.mirrormakeragent|pub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|pub'}"
-org.onap.dmaap.mr.mirrormakeragent|sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|sub'}"
-org.onap.dmaap.mr.mirrormakeragent|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|view'}"
-org.onap.dmaap.mr|mirrormaker.user||"{'org.onap.dmaap.mr|mirrormaker|*|user'}"
-org.onap.dmaap.mr|mmagent.sub||
-org.onap.dmaap.mr|mmagent.sub1||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mmagent|sub'}"
-org.onap.dmaap.mr|mrtesttopic.pub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|pub'}"
-org.onap.dmaap.mr|mrtesttopic.sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|sub'}"
-org.onap.dmaap.mr|mrtestt.pub||
-org.onap.dmaap-mr|owner|AAF Namespace Owners|"{'org.onap.dmaap-mr|access|*|read'}"
-org.onap.dmaap.mr|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr|access|*|read'}"
-org.onap.dmaap.mr.partitionTest-1546033194|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.partitionTest-1546033194|access|*|*'}"
-org.onap.dmaap.mr.partitionTest-1546033194|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.partitionTest-1546033194|access|*|read'}"
-org.onap.dmaap.mr.PM_MAPPER|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.PM_MAPPER|access|*|*'}"
-org.onap.dmaap.mr.PM_MAPPER|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.PM_MAPPER|access|*|read'}"
-org.onap.dmaap.mr.PM_MAPPER|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|view'}"
-org.onap.dmaap.mr.PM_MAPPER|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|view'}"
-org.onap.dmaap.mr.PNF_READY|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.PNF_READY|access|*|*'}"
-org.onap.dmaap.mr.PNF_READY|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.PNF_READY|access|*|read'}"
-org.onap.dmaap.mr.PNF_READY|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|view'}"
-org.onap.dmaap.mr.PNF_READY|pub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|view'}"
-org.onap.dmaap.mr.PNF_READY|sub||
-org.onap.dmaap.mr.PNF_READY|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|view'}"
-org.onap.dmaap.mr.PNF_REGISTRATION|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.PNF_REGISTRATION|access|*|*'}"
-org.onap.dmaap.mr.PNF_REGISTRATION|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.PNF_REGISTRATION|access|*|read'}"
-org.onap.dmaap.mr.PNF_REGISTRATION|pub||
-org.onap.dmaap.mr.PNF_REGISTRATION|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view'}"
-org.onap.dmaap.mr.PNF_REGISTRATION|sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view'}"
-org.onap.dmaap.mr|PNF_REGISTRATION.sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view'}"
-org.onap.dmaap.mr.PNF_REGISTRATION|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view'}"
-org.onap.dmaap-mr|Publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|view'}"
-org.onap.dmaap-mr|sai||"{'org.onap.dmaap-mr|saitest|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub'}"
-org.onap.dmaap.mr|service||"{'org.onap.dmaap.mr|access|*|read'}"
-org.onap.dmaap-mr.sunil|admin2||"{'org.onap.dmaap-mr.sunil|test|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub'}"
-org.onap.dmaap-mr.sunil|admin|AAF Namespace Administrators|"{'org.onap.dmaap-mr.sunil|access|*|*'}"
-org.onap.dmaap-mr.sunil|owner|AAF Namespace Owners|"{'org.onap.dmaap-mr.sunil|access|*|read'}"
-org.onap.dmaap.mr|test1||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.test1|pub'}"
-org.onap.dmaap-mr.test|admin|AAF Namespace Administrators|"{'org.onap.dmaap-mr.test|access|*|*'}"
-org.onap.dmaap-mr.test|owner|AAF Namespace Owners|"{'org.onap.dmaap-mr.test|access|*|read'}"
-org.onap.dmaap.mr.topic-000|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.topic-000|access|*|*'}"
-org.onap.dmaap.mr.topic-000|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.topic-000|access|*|read'}"
-org.onap.dmaap.mr.topic-000|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|view'}"
-org.onap.dmaap.mr.topic-000|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|view'}"
-org.onap.dmaap.mr.topic-001|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.topic-001|access|*|*'}"
-org.onap.dmaap.mr.topic-001|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.topic-001|access|*|read'}"
-org.onap.dmaap.mr.topic-001|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|view'}"
-org.onap.dmaap.mr.topic-001|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|view'}"
-org.onap.dmaap.mr.topic-002|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.topic-002|access|*|*'}"
-org.onap.dmaap.mr.topic-002|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.topic-002|access|*|read'}"
-org.onap.dmaap.mr.topic-002|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|view'}"
-org.onap.dmaap.mr.topic-002|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|view'}"
-org.onap.dmaap.mr|view||"{'org.onap.dmaap.mr|topic|*|view'}"
-org.onap.dmaap.mr|viewtest||"{'org.onap.dmaap.mr|viewtest|*|view'}"
-org.onap.dmaap|owner|AAF Namespace Owners|"{'org.onap.dmaap|access|*|read'}"
-org.onap.holmes|admin|AAF Namespace Administrators|"{'org.onap.holmes|access|*|*'}"
-org.onap.holmes|owner|AAF Namespace Owners|"{'org.onap.holmes|access|*|read'}"
-org.onap.holmes|service||
-org.onap.holmes-engine-mgmt|admin|AAF Namespace Administrators|"{'org.onap.holmes-engine-mgmt|access|*|*', 'org.onap.holmes-engine-mgmt|certman|local|request,ignoreIPs,showpass'}"
-org.onap.holmes-engine-mgmt|owner|AAF Namespace Owners|"{'org.onap.holmes-engine-mgmt|access|*|read'}"
-org.onap.holmes-engine-mgmt|seeCerts||"{'org.onap.holmes-engine-mgmt|certman|local|request,ignoreIPs,showpass'}"
-org.onap.holmes-engine-mgmt|service||"{'org.onap.holmes-engine-mgmt|access|*|*'}"
-org.onap.holmes-rule-mgmt|admin|AAF Namespace Administrators|"{'org.onap.holmes-rule-mgmt|access|*|*', 'org.onap.holmes-rule-mgmt|certman|local|request,ignoreIPs,showpass'}"
-org.onap.holmes-rule-mgmt|owner|AAF Namespace Owners|"{'org.onap.holmes-rule-mgmt|access|*|read'}"
-org.onap.holmes-rule-mgmt|seeCerts||"{'org.onap.holmes-rule-mgmt|certman|local|request,ignoreIPs,showpass'}"
-org.onap.holmes-rule-mgmt|service||"{'org.onap.holmes-rule-mgmt|access|*|*'}"
-org.onap.msb-eag|admin|AAF Namespace Administrators|"{'org.onap.msb-eag|access|*|*'}"
-org.onap.msb-eag|owner|AAF Namespace Owners|"{'org.onap.msb-eag|access|*|read'}"
-org.onap.msb-eag|service||"{'org.onap.msb-eag|access|*|*'}"
-org.onap.msb-iag|admin|AAF Namespace Administrators|"{'org.onap.msb-iag|access|*|*'}"
-org.onap.msb-iag|owner|AAF Namespace Owners|"{'org.onap.msb-iag|access|*|read'}"
-org.onap.msb-iag|service||"{'org.onap.msb-iag|access|*|*'}"
-org.onap.music|admin|AAF Namespace Administrators|"{'org.onap.music|access|*|*', 'org.onap.music|certman|local|request,ignoreIPs,showpass'}"
-org.onap.music|owner|AAF Namespace Owners|"{'org.onap.music|access|*|read'}"
-org.onap.music|service||
-org.onap.nbi|admin|AAF Namespace Administrators|"{'org.onap.nbi|access|*|*', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass'}"
-org.onap.nbi|owner|AAF Namespace Owners|"{'org.onap.nbi|access|*|read'}"
-org.onap.nbi|seeCerts||"{'org.onap.nbi|certman|local|request,ignoreIPs,showpass'}"
-org.onap.nbi|service||"{'org.onap.nbi|access|*|*'}"
-org.onap.oof|admin|AAF Namespace Administrators|"{'org.onap.oof|access|*|*', 'org.onap.oof|certman|local|request,ignoreIPs,showpass'}"
-org.onap.oof|owner|AAF Namespace Owners|"{'org.onap.oof|access|*|read'}"
-org.onap.oof|service||"{'org.onap.oof|access|*|*'}"
-org.onap|owner|onap Owners|"{'org.onap.access|*|read'}"
-org.onap.policy|Account_Administrator|null|
-org.onap.policy|admin||"{'org.onap.policy|access|*|*'}"
-org.onap.policy|owner|AAF Namespace Owners|"{'org.onap.policy|access|*|read'}"
-org.onap.policy|pdpd.admin|pdpd.admin|"{'org.onap.policy|access|*|*', 'org.onap.policy|access|*|read', 'org.onap.policy|pdpd.healthcheck.configuration|*|get', 'org.onap.policy|pdpd.healthcheck|*|get', 'org.onap.policy|pdpd.telemetry|*|delete', 'org.onap.policy|pdpd.telemetry|*|get', 'org.onap.policy|pdpd.telemetry|*|post', 'org.onap.policy|pdpd.telemetry|*|put'}"
-org.onap.policy|pdpd.monitor|pdpd.monitor|"{'org.onap.policy|pdpd.healthcheck|*|get', 'org.onap.policy|pdpd.telemetry|*|get'}"
-org.onap.policy|pdpx.admin|pdpx.admin|"{'org.onap.policy|pdpx.config|*|*', 'org.onap.policy|pdpx.createDictionary|*|*', 'org.onap.policy|pdpx.createPolicy|*|*', 'org.onap.policy|pdpx.decision|*|*', 'org.onap.policy|pdpx.getConfigByPolicyName|*|*', 'org.onap.policy|pdpx.getConfig|*|*', 'org.onap.policy|pdpx.getDecision|*|*', 'org.onap.policy|pdpx.getDictionary|*|*', 'org.onap.policy|pdpx.getMetrics|*|*', 'org.onap.policy|pdpx.listConfig|*|*', 'org.onap.policy|pdpx.listPolicy|*|*', 'org.onap.policy|pdpx.list|*|*', 'org.onap.policy|pdpx.policyEngineImport|*|*', 'org.onap.policy|pdpx.pushPolicy|*|*', 'org.onap.policy|pdpx.sendEvent|*|*', 'org.onap.policy|pdpx.updateDictionary|*|*', 'org.onap.policy|pdpx.updatePolicy|*|*'}"
-org.onap.policy|pdpx.monitor|pdpx.monitor|
-org.onap.policy|Policy_Admin|Policy_Admin|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_dictionary|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*', 'org.onap.policy|url|policy_push|*'}"
-org.onap.policy|Policy_Editor|Policy_Editor|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*', 'org.onap.policy|url|policy_push|*'}"
-org.onap.policy|Policy_Guest|Policy_Guest|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*'}"
-org.onap.policy|Policy_Super_Admin|Policy_Super_Admin|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_admin|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_dictionary|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*', 'org.onap.policy|url|policy_push|*', 'org.onap.policy|url|policy_roles|*'}"
-org.onap.policy|Policy_Super_Guest|Policy_Super_Guest|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*'}"
-org.onap.policy|seeCerts|seeCerts|"{'org.onap.policy|certman|local|request,ignoreIPs,showpass'}"
-org.onap.policy|Standard_User|Standard User|"{'org.onap.policy|menu|menu_ajax|*', 'org.onap.policy|menu|menu_customer_create|*', 'org.onap.policy|menu|menu_customer|*', 'org.onap.policy|menu|menu_home|*', 'org.onap.policy|menu|menu_itracker|*', 'org.onap.policy|menu|menu_logout|*', 'org.onap.policy|menu|menu_map|*', 'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|menu|menu_profile|*', 'org.onap.policy|menu|menu_reports|*', 'org.onap.policy|menu|menu_tab|*', 'org.onap.policy|url|login|*', 'org.onap.policy|url|policy_admin|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_dictionary|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*', 'org.onap.policy|url|policy_push|*', 'org.onap.policy|url|policy_roles|*'}"
-org.onap.policy|System_Administrator|System Administrator|"{'org.onap.policy|menu|menu_admin|*', 'org.onap.policy|menu|menu_ajax|*', 'org.onap.policy|menu|menu_customer_create|*', 'org.onap.policy|menu|menu_customer|*', 'org.onap.policy|menu|menu_feedback|*', 'org.onap.policy|menu|menu_help|*', 'org.onap.policy|menu|menu_home|*', 'org.onap.policy|menu|menu_itracker|*', 'org.onap.policy|menu|menu_job_create|*', 'org.onap.policy|menu|menu_job|*', 'org.onap.policy|menu|menu_logout|*', 'org.onap.policy|menu|menu_notes|*', 'org.onap.policy|menu|menu_process|*', 'org.onap.policy|menu|menu_profile_create|*', 'org.onap.policy|menu|menu_profile_import|*', 'org.onap.policy|menu|menu_profile|*', 'org.onap.policy|menu|menu_reports|*', 'org.onap.policy|menu|menu_sample|*', 'org.onap.policy|menu|menu_tab|*', 'org.onap.policy|menu|menu_test|*', 'org.onap.policy|url|doclib_admin|*', 'org.onap.policy|url|doclib|*', 'org.onap.policy|url|login|*'}"
-org.onap.pomba|admin|AAF Namespace Administrators|"{'org.onap.pomba|access|*|*'}"
-org.onap.pomba|owner|AAF Namespace Owners|"{'org.onap.pomba|access|*|read'}"
-org.onap.portal|Account_Administrator|Account Administrator|"{'org.onap.portal|menu|menu_acc_admin|*', 'org.onap.portal|url|centralizedApps|*', 'org.onap.portal|url|getAdminNotifications|*', 'org.onap.portal|url|getAllWebAnalytics|*', 'org.onap.portal|url|getFunctionalMenuRole|*', 'org.onap.portal|url|getNotificationAppRoles|*', 'org.onap.portal|url|getUserAppsWebAnalytics|*', 'org.onap.portal|url|getUserJourneyAnalyticsReport|*', 'org.onap.portal|url|get_role_functions%2f%2a|*', 'org.onap.portal|url|get_roles%2f%2a|*', 'org.onap.portal|url|notification_code|*', 'org.onap.portal|url|role_function_list%2fsaveRoleFunction%2f%2a|*', 'org.onap.portal|url|syncRoles|*', 'org.onap.portal|url|userAppRoles|*', 'org.onap.portal|url|userApps|*'}"
-org.onap.portal|admin|Portal Admins|"{'org.onap.portal.access|*|*'}"
-org.onap.portal|owner|Portal Owner|"{'org.onap.portal.access|*|read'}"
-org.onap.portal|Portal_Notification_Admin|Portal Notification Admin|"{'org.onap.portal|url|edit_notification|*', 'org.onap.portal|url|getAdminNotifications|*', 'org.onap.portal|url|saveNotification|*'}"
-org.onap.portal|Portal_Usage_Analyst|Portal Usage Analyst|"{'org.onap.portal|menu|menu_web_analytics|*'}"
-org.onap.portal|Restricted_App_Role|Restricted App Role|
-org.onap.portal|Standard_User|Standard User|"{'org.onap.portal|menu|menu_home|*', 'org.onap.portal|menu|menu_logout|*', 'org.onap.portal|url|login|*'}"
-org.onap.portal|System_Administrator|System Administrator|"{'org.onap.portal|menu|menu_acc_admin|*', 'org.onap.portal|menu|menu_admin|*', 'org.onap.portal|menu|menu_home|*', 'org.onap.portal|menu|menu_logout|*', 'org.onap.portal|url|login|*'}"
-org.onap.portal.test|admin|AAF Namespace Administrators|"{'org.onap.portal.test|access|*|*'}"
-org.onap.portal.test|oof-homing||
-org.onap.portal.test|owner|AAF Namespace Owners|"{'org.onap.portal.test|access|*|read'}"
-org.onap.portal.test|user1||
-org.onap.portal|Usage_Analyst|Usage Analyst|"{'org.onap.portal|menu|menu_admin|*', 'org.onap.portal|menu|menu_task_search|*', 'org.onap.portal|menu|menu_task|*', 'org.onap.portal|menu|menu_web_analytics|*'}"
-org.onap.refrepo|admin|AAF Namespace Administrators|"{'org.onap.refrepo|access|*|*', 'org.onap.refrepo|certman|local|request,ignoreIPs,showpass'}"
-org.onap.refrepo|owner|AAF Namespace Owners|"{'org.onap.refrepo|access|*|read'}"
-org.onap.refrepo|seeCerts||"{'org.onap.refrepo|certman|local|request,ignoreIPs,showpass'}"
-org.onap.refrepo|service||"{'org.onap.refrepo|access|*|*'}"
-org.onap.sdc|Account_Administrator||
-org.onap.sdc|admin|AAF Namespace Administrators|"{'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|access|*|*', 'org.onap.sdc|administrator.access|*|*', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass'}"
-org.onap.sdc|ADMIN|ADMIN|
-org.onap.sdc|app|app|
-org.onap.sdc|designer||"{'org.onap.sdc|designer.access|*|*'}"
-org.onap.sdc|governor||"{'org.onap.sdc|governance.access|*|*'}"
-org.onap.sdc|ops||"{'org.onap.sdc|operations.access|*|*'}"
-org.onap.sdc|owner|AAF Namespace Owners|"{'org.onap.sdc|access|*|read'}"
-org.onap.sdc|tester||"{'org.onap.sdc|tester.access|*|*'}"
-org.onap.sdc|TESTOR|TESTOR|
-org.onap.sdnc|admin|AAF Namespace Administrators|"{'org.onap.sdnc|access|*|*', 'org.onap.sdnc|odl|odl-api|*'}"
-org.onap.sdnc-cds|admin|AAF Namespace Administrators|"{'org.onap.sdnc-cds|access|*|*'}"
-org.onap.sdnc-cds|owner|AAF Namespace Owners|"{'org.onap.sdnc-cds|access|*|read'}"
-org.onap.sdnc-cds|service||"{'org.onap.sdnc-cds|access|*|*'}"
-org.onap.sdnc|owner|AAF Namespace Owners|"{'org.onap.sdnc|access|*|read'}"
-org.onap.sdnc|service||"{'org.onap.sdnc|access|*|*', 'org.onap.sdnc|odl|odl-api|*', 'org.onap.sdnc|odl|odl-api|create', 'org.onap.sdnc|odl|odl-api|delete', 'org.onap.sdnc|odl|odl-api|read', 'org.onap.sdnc|odl|odl-api|update'}"
-org.onap.so|admin|AAF Namespace Administrators|"{'org.onap.so|access|*|*', 'org.onap.so|certman|local|request,ignoreIPs,showpass'}"
-org.onap.so|app||"{'org.onap.so|access|*|*'}"
-org.onap.so|owner|AAF Namespace Owners|"{'org.onap.so|access|*|read'}"
-org.onap.so|seeCerts||"{'org.onap.so|certman|local|request,ignoreIPs,showpass'}"
-org.onap.vfc|admin|AAF Namespace Administrators|"{'org.onap.vfc|access|*|*'}"
-org.onap.vfc|owner|AAF Namespace Owners|"{'org.onap.vfc|access|*|read'}"
-org.onap.vfc|service||"{'org.onap.vfc|access|*|*'}"
-org.onap.vid1|admin|AAF Namespace Administrators|"{'org.onap.vid1|access|*|*'}"
-org.onap.vid1|owner|AAF Namespace Owners|"{'org.onap.vid1|access|*|read'}"
-org.onap.vid2|admin|AAF Namespace Administrators|"{'org.onap.vid2|access|*|*'}"
-org.onap.vid2|owner|AAF Namespace Owners|"{'org.onap.vid2|access|*|read'}"
-org.onap.vid|Account_Administrator||
-org.onap.vid|admin|AAF Namespace Administrators|"{'org.onap.vid|access|*|*'}"
-org.onap.vid|Demonstration___gNB||
-org.onap.vid|Demonstration___vCPE||
-org.onap.vid|Demonstration___vFW||
-org.onap.vid|Demonstration___vFWCL||
-org.onap.vid|Demonstration___vIMS||
-org.onap.vid|Demonstration___vLB||
-org.onap.vid|member|member|
-org.onap.vid|owner|AAF Namespace Owners|"{'org.onap.vid|access|*|read'}"
-org.onap.vid|seeCerts|seeCerts|
-org.onap.vid|service|service|
-org.onap.vid|Standard_User|Standard User|"{'org.onap.vid|menu|menu_ajax|*', 'org.onap.vid|menu|menu_changemanagement|*', 'org.onap.vid|menu|menu_customer_create|*', 'org.onap.vid|menu|menu_customer|*', 'org.onap.vid|menu|menu_home|*', 'org.onap.vid|menu|menu_itracker|*', 'org.onap.vid|menu|menu_logout|*', 'org.onap.vid|menu|menu_map|*', 'org.onap.vid|menu|menu_newserinstance|*', 'org.onap.vid|menu|menu_profile|*', 'org.onap.vid|menu|menu_reports|*', 'org.onap.vid|menu|menu_searchexisting|*', 'org.onap.vid|menu|menu_servicemodels|*', 'org.onap.vid|menu|menu_tab|*', 'org.onap.vid|menu|menu_viewlog|*', 'org.onap.vid|url|login|*'}"
-org.onap.vid|System_Administrator|System Administrator|"{'org.onap.vid|menu|menu_admin|*', 'org.onap.vid|menu|menu_ajax|*', 'org.onap.vid|menu|menu_changemanagement|*', 'org.onap.vid|menu|menu_customer_create|*', 'org.onap.vid|menu|menu_customer|*', 'org.onap.vid|menu|menu_feedback|*', 'org.onap.vid|menu|menu_help|*', 'org.onap.vid|menu|menu_home|*', 'org.onap.vid|menu|menu_itracker|*', 'org.onap.vid|menu|menu_job_create|*', 'org.onap.vid|menu|menu_job|*', 'org.onap.vid|menu|menu_logout|*', 'org.onap.vid|menu|menu_newserinstance|*', 'org.onap.vid|menu|menu_notes|*', 'org.onap.vid|menu|menu_process|*', 'org.onap.vid|menu|menu_profile_create|*', 'org.onap.vid|menu|menu_profile_import|*', 'org.onap.vid|menu|menu_profile|*', 'org.onap.vid|menu|menu_reports|*', 'org.onap.vid|menu|menu_sample|*', 'org.onap.vid|menu|menu_searchexisting|*', 'org.onap.vid|menu|menu_servicemodels|*', 'org.onap.vid|menu|menu_tab|*', 'org.onap.vid|menu|menu_test|*', 'org.onap.vid|menu|menu_viewlog|*', 'org.onap.vid|url|doclib_admin|*', 'org.onap.vid|url|doclib|*', 'org.onap.vid|url|login|*'}"
-org.onap.uui|admin|AAF Namespace Administrators|"{'org.onap.uui|access|*|*', 'org.onap.uui|certman|local|request,ignoreIPs,showpass'}"
-org.onap.uui|owner|AAF Namespace Owners|"{'org.onap.uui|access|*|read'}"
-org.onap.uui|seeCerts||"{'org.onap.uui|certman|local|request,ignoreIPs,showpass'}"
-org.onap.uui|service||"{'org.onap.uui|access|*|*'}"
-org.openecomp|admin|OpenEcomp Admins|"{'org.openecomp.access|*|*'}"
-org.openecomp.dmaapBC|admin|AAF Admins|"{'org.openecomp.dmaapBC.access|*|*', 'org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub', 'org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub', 'org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create'}"
-org.openecomp.dmaapBC|owner|AAF Owners|"{'org.openecomp.dmaapBC.access|*|read'}"
-org.openecomp|owner|OpenEcomp Owners|"{'org.openecomp.access|*|read'}"
-org.osaaf.aaf|admin|AAF Admins|"{'org.osaaf.aaf.access|*|*', 'org.osaaf.aaf|cache|all|clear', 'org.osaaf.aaf|cache|role|clear', 'org.osaaf.aaf|password|*|create,reset'}"
-org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.a1p|certman|local|request,ignoreIPs,showpass', 'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-resources|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-schema-service|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-traversal|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.appc-cdt|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.cli|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass', 'org.onap.holmes-engine-mgmt|certman|local|request,ignoreIPs,showpass', 'org.onap.holmes-rule-mgmt|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-eag|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-iag|certman|local|request,ignoreIPs,showpass', 'org.onap.music|certman|local|request,ignoreIPs,showpass', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.pomba|certman|local|request,ignoreIPs,showpass', 'org.onap.portal|certman|local|request,ignoreIPs,showpass', 'org.onap.refrepo|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vfc|certman|local|request,ignoreIPs,showpass', 'org.onap.vid1|certman|local|request,ignoreIPs,showpass', 'org.onap.vid2|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass', 'org.onap.uui|certman|local|request,ignoreIPs,showpass', 'org.osaaf.aaf|certman|local|request,ignoreIPs,showpass'}"
-org.osaaf.aaf|owner|AAF Owners|"{'org.osaaf.aaf.access|*|read,approve'}"
-org.osaaf.aaf|service||"{'org.osaaf.aaf|cache|*|clear'}"
-org.osaaf|admin|OSAAF Admins|"{'org.osaaf.access|*|*'}"
-org.osaaf|owner|OSAAF Owners|"{'org.osaaf.access|*|read,approve'}"
-org.osaaf.people|admin|AAF Namespace Administrators|"{'org.osaaf.people|access|*|*'}"
-org.osaaf.people|owner|AAF Namespace Owners|"{'org.osaaf.people|access|*|read'}"
-org|owner|Org Owners|"{'org.access|*|read,approve'}"
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat
deleted file mode 100644
index bc9f0ec833..0000000000
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat
+++ /dev/null
@@ -1,430 +0,0 @@
-mmanager@people.osaaf.org|org.onap.a1p.admin|2020-11-26 12:31:54.000+0000|org.onap.a1p|admin
-mmanager@people.osaaf.org|org.onap.a1p.owner|2020-11-26 12:31:54.000+0000|org.onap.a1p|owner
-mmanager@people.osaaf.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|admin
-mmanager@people.osaaf.org|org.onap.aaf-sms.owner|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|owner
-mmanager@people.osaaf.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
-mmanager@people.osaaf.org|org.onap.aai.owner|2020-11-26 12:31:54.000+0000|org.onap.aai|owner
-mmanager@people.osaaf.org|org.onap.aai-resources.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|admin
-mmanager@people.osaaf.org|org.onap.aai-resources.owner|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|owner
-mmanager@people.osaaf.org|org.onap.aai-schema-service.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-schema-service|admin
-mmanager@people.osaaf.org|org.onap.aai-schema-service.owner|2020-11-26 12:31:54.000+0000|org.onap.aai-schema-service|owner
-mmanager@people.osaaf.org|org.onap.aai-traversal.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-traversal|admin
-mmanager@people.osaaf.org|org.onap.aai-traversal.owner|2020-11-26 12:31:54.000+0000|org.onap.aai-traversal|owner
-mmanager@people.osaaf.org|org.onap.admin|2020-11-26 12:31:54.000+0000|org.onap|admin
-mmanager@people.osaaf.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
-mmanager@people.osaaf.org|org.onap.appc.owner|2020-11-26 12:31:54.000+0000|org.onap.appc|owner
-mmanager@people.osaaf.org|org.onap.appc-cdt.admin|2020-11-26 12:31:54.000+0000|org.onap.appc-cdt|admin
-mmanager@people.osaaf.org|org.onap.appc-cdt.owner|2020-11-26 12:31:54.000+0000|org.onap.appc-cdt|owner
-mmanager@people.osaaf.org|org.onap.cds.admin|2020-11-26 12:31:54.000+0000|org.onap.cds|admin
-mmanager@people.osaaf.org|org.onap.cds.owner|2020-11-26 12:31:54.000+0000|org.onap.cds|owner
-mmanager@people.osaaf.org|org.onap.clamp.admin|2020-11-26 12:31:54.000+0000|org.onap.clamp|admin
-mmanager@people.osaaf.org|org.onap.clamp.owner|2020-11-26 12:31:54.000+0000|org.onap.clamp|owner
-mmanager@people.osaaf.org|org.onap.cli.admin|2020-11-26 12:31:54.000+0000|org.onap.cli|admin
-mmanager@people.osaaf.org|org.onap.cli.owner|2020-11-26 12:31:54.000+0000|org.onap.cli|owner
-mmanager@people.osaaf.org|org.onap.dcae.admin|2020-11-26 12:31:54.000+0000|org.onap.dcae|admin
-mmanager@people.osaaf.org|org.onap.dcae.owner|2020-11-26 12:31:54.000+0000|org.onap.dcae|owner
-mmanager@people.osaaf.org|org.onap.dmaap.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap|admin
-mmanager@people.osaaf.org|org.onap.dmaap-bc.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|admin
-mmanager@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
-mmanager@people.osaaf.org|org.onap.dmaap-bc-mm-prov.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-mm-prov|admin
-mmanager@people.osaaf.org|org.onap.dmaap-bc-mm-prov.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-mm-prov|owner
-mmanager@people.osaaf.org|org.onap.dmaap-bc.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|owner
-mmanager@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|admin
-mmanager@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|owner
-mmanager@people.osaaf.org|org.onap.dmaap-dr.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|owner
-mmanager@people.osaaf.org|org.onap.dmaap-mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|admin
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123450.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123450|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123451.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-1547667570.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-1547667570|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547665517.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547665517|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666628.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666628|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666760.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666760|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666950.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666950|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547667031.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547667031|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-123456.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-123456|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-123457.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-123457|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547660509.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547660509|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547660861.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547660861|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547661011.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547661011|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547662122.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547662122|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547662451.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547662451|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547664813.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547664813|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547664928.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547664928|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547666068.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547666068|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.aTopic-1547654909.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTopic-1547654909|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.dgl000.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl000|owner
-mmanager@people.osaaf.org|org.onap.dmaap-mr.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|owner
-mmanager@people.osaaf.org|org.onap.dmaap.mr.partitionTest-1546033194.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.partitionTest-1546033194|owner
-mmanager@people.osaaf.org|org.onap.dmaap-mr.sunil.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.sunil|owner
-mmanager@people.osaaf.org|org.onap.dmaap-mr.test.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.test|owner
-mmanager@people.osaaf.org|org.onap.dmaap.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap|owner
-mmanager@people.osaaf.org|org.onap.holmes.owner|2020-11-26 12:31:54.000+0000|org.onap.holmes|owner
-mmanager@people.osaaf.org|org.onap.holmes-engine-mgmt.owner|2020-11-26 12:31:54.000+0000|org.onap.holmes-engine-mgmt|owner
-mmanager@people.osaaf.org|org.onap.holmes-rule-mgmt.owner|2020-11-26 12:31:54.000+0000|org.onap.holmes-rule-mgmt|owner
-mmanager@people.osaaf.org|org.onap.msb-eag.admin|2020-11-26 12:31:54.000+0000|org.onap.msb-eag|admin
-mmanager@people.osaaf.org|org.onap.msb-eag.owner|2020-11-26 12:31:54.000+0000|org.onap.msb-eag|owner
-mmanager@people.osaaf.org|org.onap.msb-iag.admin|2020-11-26 12:31:54.000+0000|org.onap.msb-iag|admin
-mmanager@people.osaaf.org|org.onap.msb-iag.owner|2020-11-26 12:31:54.000+0000|org.onap.msb-iag|owner
-mmanager@people.osaaf.org|org.onap.music.admin|2020-11-26 12:31:54.000+0000|org.onap.music|admin
-mmanager@people.osaaf.org|org.onap.music.owner|2020-11-26 12:31:54.000+0000|org.onap.music|owner
-mmanager@people.osaaf.org|org.onap.nbi.owner|2020-11-26 12:31:54.000+0000|org.onap.nbi|owner
-mmanager@people.osaaf.org|org.onap.ngi.owner|2020-11-26 12:31:54.000+0000|org.onap.ngi|owner
-mmanager@people.osaaf.org|org.onap.oof.admin|2020-11-26 12:31:54.000+0000|org.onap.oof|admin
-mmanager@people.osaaf.org|org.onap.oof.owner|2020-11-26 12:31:54.000+0000|org.onap.oof|owner
-mmanager@people.osaaf.org|org.onap.owner|2020-11-26 12:31:54.000+0000|org.onap|owner
-mmanager@people.osaaf.org|org.onap.policy.owner|2020-11-26 12:31:54.000+0000|org.onap.policy|owner
-mmanager@people.osaaf.org|org.onap.pomba.admin|2020-11-26 12:31:54.000+0000|org.onap.pomba|admin
-mmanager@people.osaaf.org|org.onap.pomba.owner|2020-11-26 12:31:54.000+0000|org.onap.pomba|owner
-mmanager@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
-mmanager@people.osaaf.org|org.onap.portal.owner|2020-11-26 12:31:54.000+0000|org.onap.portal|owner
-mmanager@people.osaaf.org|org.onap.refrepo.owner|2020-11-26 12:31:54.000+0000|org.onap.refrepo|owner
-mmanager@people.osaaf.org|org.onap.sdc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdc|admin
-mmanager@people.osaaf.org|org.onap.sdc.owner|2020-11-26 12:31:54.000+0000|org.onap.sdc|owner
-mmanager@people.osaaf.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
-mmanager@people.osaaf.org|org.onap.sdnc-cds.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|admin
-mmanager@people.osaaf.org|org.onap.sdnc-cds.owner|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|owner
-mmanager@people.osaaf.org|org.onap.sdnc.owner|2020-11-26 12:31:54.000+0000|org.onap.sdnc|owner
-mmanager@people.osaaf.org|org.onap.so.admin|2020-11-26 12:31:54.000+0000|org.onap.so|admin
-mmanager@people.osaaf.org|org.onap.so.owner|2020-11-26 12:31:54.000+0000|org.onap.so|owner
-mmanager@people.osaaf.org|org.onap.vfc.admin|2020-11-26 12:31:54.000+0000|org.onap.vfc|admin
-mmanager@people.osaaf.org|org.onap.vfc.owner|2020-11-26 12:31:54.000+0000|org.onap.vfc|owner
-mmanager@people.osaaf.org|org.onap.vid1.admin|2020-11-26 12:31:54.000+0000|org.onap.vid1|admin
-mmanager@people.osaaf.org|org.onap.vid1.owner|2020-11-26 12:31:54.000+0000|org.onap.vid1|owner
-mmanager@people.osaaf.org|org.onap.vid2.admin|2020-11-26 12:31:54.000+0000|org.onap.vid2|admin
-mmanager@people.osaaf.org|org.onap.vid2.owner|2020-11-26 12:31:54.000+0000|org.onap.vid2|owner
-mmanager@people.osaaf.org|org.onap.vid.admin|2020-11-26 12:31:54.000+0000|org.onap.vid|admin
-mmanager@people.osaaf.org|org.onap.vid.owner|2020-11-26 12:31:54.000+0000|org.onap.vid|owner
-mmanager@people.osaaf.org|org.onap.uui.owner|2020-11-26 12:31:54.000+0000|org.onap.uui|owner
-mmanager@people.osaaf.org|org.osaaf.people.owner|2020-11-26 12:31:54.000+0000|org.osaaf.people|owner
-portal@portal.onap.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|admin
-portal@portal.onap.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
-portal@portal.onap.org|org.onap.aai-resources.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|admin
-portal@portal.onap.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
-portal@portal.onap.org|org.onap.appc.apidoc|2020-11-26 12:31:54.000+0000|org.onap.appc|apidoc
-portal@portal.onap.org|org.onap.appc.restconf|2020-11-26 12:31:54.000+0000|org.onap.appc|restconf
-portal@portal.onap.org|org.onap.cds.admin|2020-11-26 12:31:54.000+0000|org.onap.cds|admin
-portal@portal.onap.org|org.onap.clamp.admin|2020-11-26 12:31:54.000+0000|org.onap.clamp|admin
-portal@portal.onap.org|org.onap.dcae.admin|2020-11-26 12:31:54.000+0000|org.onap.dcae|admin
-portal@portal.onap.org|org.onap.dmaap-bc.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|admin
-portal@portal.onap.org|org.onap.dmaap-bc.api.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|admin
-portal@portal.onap.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
-portal@portal.onap.org|org.onap.dmaap-bc-mm-prov.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-mm-prov|admin
-portal@portal.onap.org|org.onap.dmaap-bc-topic-mgr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|admin
-portal@portal.onap.org|org.onap.dmaap-dr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|admin
-portal@portal.onap.org|org.onap.dmaap-mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|admin
-portal@portal.onap.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
-portal@portal.onap.org|org.onap.dmaap.mr.dgl_ready.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl_ready|owner
-portal@portal.onap.org|org.onap.dmaap.mr.IdentityTopic-12345.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|owner
-portal@portal.onap.org|org.onap.dmaap.mr.IdentityTopic-1547839476.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|owner
-portal@portal.onap.org|org.onap.dmaap.mr.mirrormakeragent.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|owner
-portal@portal.onap.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mrtesttopic.sub
-portal@portal.onap.org|org.onap.dmaap.mr.PM_MAPPER.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PM_MAPPER|owner
-portal@portal.onap.org|org.onap.dmaap.mr.PNF_READY.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_READY|owner
-portal@portal.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|owner
-portal@portal.onap.org|org.onap.dmaap-mr.sunil.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.sunil|admin
-portal@portal.onap.org|org.onap.dmaap.mr.test1|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|test1
-portal@portal.onap.org|org.onap.dmaap-mr.test.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.test|admin
-portal@portal.onap.org|org.onap.dmaap.mr.topic-000.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-000|owner
-portal@portal.onap.org|org.onap.dmaap.mr.topic-001.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-001|owner
-portal@portal.onap.org|org.onap.dmaap.mr.topic-002.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-002|owner
-portal@portal.onap.org|org.onap.holmes.admin|2020-11-26 12:31:54.000+0000|org.onap.holmes|admin
-portal@portal.onap.org|org.onap.msb-eag.admin|2020-11-26 12:31:54.000+0000|org.onap.msb-eag|admin
-portal@portal.onap.org|org.onap.msb-iag.admin|2020-11-26 12:31:54.000+0000|org.onap.msb-iag|admin
-portal@portal.onap.org|org.onap.music.admin|2020-11-26 12:31:54.000+0000|org.onap.music|admin
-portal@portal.onap.org|org.onap.music.owner|2020-11-26 12:31:54.000+0000|org.onap.music|owner
-portal@portal.onap.org|org.onap.nbi.admin|2020-11-26 12:31:54.000+0000|org.onap.nbi|admin
-portal@portal.onap.org|org.onap.ngi.admin|2020-11-26 12:31:54.000+0000|org.onap.ngi|admin
-portal@portal.onap.org|org.onap.oof.admin|2020-11-26 12:31:54.000+0000|org.onap.oof|admin
-portal@portal.onap.org|org.onap.policy.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|admin
-portal@portal.onap.org|org.onap.pomba.admin|2020-11-26 12:31:54.000+0000|org.onap.pomba|admin
-portal@portal.onap.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
-portal@portal.onap.org|org.onap.sdc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdc|admin
-portal@portal.onap.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
-portal@portal.onap.org|org.onap.sdnc-cds.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|admin
-portal@portal.onap.org|org.onap.sdnc.owner|2020-11-26 12:31:54.000+0000|org.onap.sdnc|owner
-portal@portal.onap.org|org.onap.so.admin|2020-11-26 12:31:54.000+0000|org.onap.so|admin
-portal@portal.onap.org|org.onap.vfc.admin|2020-11-26 12:31:54.000+0000|org.onap.vfc|admin
-portal@portal.onap.org|org.onap.vid1.admin|2020-11-26 12:31:54.000+0000|org.onap.vid1|admin
-portal@portal.onap.org|org.onap.vid2.admin|2020-11-26 12:31:54.000+0000|org.onap.vid2|admin
-portal@portal.onap.org|org.onap.vid.admin|2020-11-26 12:31:54.000+0000|org.onap.vid|admin
-portal@portal.onap.org|org.osaaf.aaf.admin|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|admin
-portal@portal.onap.org|org.osaaf.people.admin|2020-11-26 12:31:54.000+0000|org.osaaf.people|admin
-shi@portal.onap.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
-demo@mr.dmaap.onap.org|org.onap.dmaap.mr.view|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|view
-demo@people.osaaf.org|org.onap.aai.aaiui|2020-11-26 12:31:54.000+0000|org.onap.aai|aaiui
-demo@people.osaaf.org|org.onap.aai.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.aai|Account_Administrator
-demo@people.osaaf.org|org.onap.aai.resources_readonly|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_readonly
-demo@people.osaaf.org|org.onap.aai.traversal_basic|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_basic
-demo@people.osaaf.org|org.onap.clamp.service|2020-11-26 12:31:54.000+0000|org.onap.clamp|service
-demo@people.osaaf.org|org.onap.dcae.pnfPublisher|2020-11-26 12:31:54.000+0000|org.onap.dcae|pnfPublisher
-demo@people.osaaf.org|org.onap.dcae.pnfSubscriber|2020-11-26 12:31:54.000+0000|org.onap.dcae|pnfSubscriber
-demo@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
-demo@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123451.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|publisher
-demo@people.osaaf.org|org.onap.dmaap.mr.create|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|create
-demo@people.osaaf.org|org.onap.dmaap.mr.destroy|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|destroy
-demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub
-demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher
-demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub
-demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber
-demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mrtesttopic.pub
-demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mrtesttopic.sub
-demo@people.osaaf.org|org.onap.dmaap.mr.view|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|view
-demo@people.osaaf.org|org.onap.policy.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.policy|Account_Administrator
-demo@people.osaaf.org|org.onap.policy.pdpd.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|pdpd.admin
-demo@people.osaaf.org|org.onap.policy.pdpx.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|pdpx.admin
-demo@people.osaaf.org|org.onap.policy.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.policy|System_Administrator
-demo@people.osaaf.org|org.onap.portal.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.portal|Account_Administrator
-demo@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
-demo@people.osaaf.org|org.onap.portal.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.portal|System_Administrator
-demo@people.osaaf.org|org.onap.portal.test.admin|2020-11-26 12:31:54.000+0000|org.onap.portal.test|admin
-demo@people.osaaf.org|org.onap.portal.test.owner|2020-11-26 12:31:54.000+0000|org.onap.portal.test|owner
-demo@people.osaaf.org|org.onap.portal.test.user1|2020-11-26 12:31:54.000+0000|org.onap.portal.test|user1
-demo@people.osaaf.org|org.onap.sdc.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.sdc|Account_Administrator
-demo@people.osaaf.org|org.onap.sdc.ADMIN|2020-11-26 12:31:54.000+0000|org.onap.sdc|ADMIN
-demo@people.osaaf.org|org.onap.vid.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.vid|Account_Administrator
-demo@people.osaaf.org|org.onap.vid.Demonstration___gNB|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___gNB
-demo@people.osaaf.org|org.onap.vid.Demonstration___vCPE|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vCPE
-demo@people.osaaf.org|org.onap.vid.Demonstration___vFW|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vFW
-demo@people.osaaf.org|org.onap.vid.Demonstration___vFWCL|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vFWCL
-demo@people.osaaf.org|org.onap.vid.Demonstration___vIMS|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vIMS
-demo@people.osaaf.org|org.onap.vid.Demonstration___vLB|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vLB
-demo@people.osaaf.org|org.onap.vid.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.vid|System_Administrator
-jh0003@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
-jh0003@people.osaaf.org|org.onap.sdc.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.sdc|Account_Administrator
-jh0003@people.osaaf.org|org.onap.sdc.ADMIN|2020-11-26 12:31:54.000+0000|org.onap.sdc|ADMIN
-cs0008@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
-jm0007@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
-op0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
-gv0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
-pm0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
-ps0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
-aaf_admin@people.osaaf.org|org.onap.a1p.admin|2020-11-26 12:31:54.000+0000|org.onap.a1p|admin
-aaf_admin@people.osaaf.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|admin
-aaf_admin@people.osaaf.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
-aaf_admin@people.osaaf.org|org.onap.aai-resources.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|admin
-aaf_admin@people.osaaf.org|org.onap.aai-schema-service.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-schema-service|admin
-aaf_admin@people.osaaf.org|org.onap.aai-traversal.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-traversal|admin
-aaf_admin@people.osaaf.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
-aaf_admin@people.osaaf.org|org.onap.appc.apidoc|2020-11-26 12:31:54.000+0000|org.onap.appc|apidoc
-aaf_admin@people.osaaf.org|org.onap.appc.restconf|2020-11-26 12:31:54.000+0000|org.onap.appc|restconf
-aaf_admin@people.osaaf.org|org.onap.appc-cdt.admin|2020-11-26 12:31:54.000+0000|org.onap.appc-cdt|admin
-aaf_admin@people.osaaf.org|org.onap.cds.admin|2020-11-26 12:31:54.000+0000|org.onap.cds|admin
-aaf_admin@people.osaaf.org|org.onap.clamp.admin|2020-11-26 12:31:54.000+0000|org.onap.clamp|admin
-aaf_admin@people.osaaf.org|org.onap.cli.admin|2020-11-26 12:31:54.000+0000|org.onap.cli|admin
-aaf_admin@people.osaaf.org|org.onap.dcae.admin|2020-11-26 12:31:54.000+0000|org.onap.dcae|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap-bc.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
-aaf_admin@people.osaaf.org|org.onap.dmaap-bc-mm-prov.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-mm-prov|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap-dr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap-mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.dgl_ready.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl_ready|owner
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.IdentityTopic-12345.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|owner
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.IdentityTopic-1547839476.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|owner
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|owner
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mrtesttopic.sub
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PM_MAPPER.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PM_MAPPER|owner
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PNF_READY.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_READY|owner
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PNF_REGISTRATION.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|owner
-aaf_admin@people.osaaf.org|org.onap.dmaap-mr.sunil.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.sunil|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.test1|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|test1
-aaf_admin@people.osaaf.org|org.onap.dmaap-mr.test.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.test|admin
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-000.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-000|owner
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-001.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-001|owner
-aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-002.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-002|owner
-aaf_admin@people.osaaf.org|org.onap.holmes.admin|2020-11-26 12:31:54.000+0000|org.onap.holmes|admin
-aaf_admin@people.osaaf.org|org.onap.holmes-engine-mgmt.admin|2020-11-26 12:31:54.000+0000|org.onap.holmes-engine-mgmt|admin
-aaf_admin@people.osaaf.org|org.onap.holmes-rule-mgmt.admin|2020-11-26 12:31:54.000+0000|org.onap.holmes-rule-mgmt|admin
-aaf_admin@people.osaaf.org|org.onap.msb-eag.admin|2020-11-26 12:31:54.000+0000|org.onap.msb-eag|admin
-aaf_admin@people.osaaf.org|org.onap.msb-iag.admin|2020-11-26 12:31:54.000+0000|org.onap.msb-iag|admin
-aaf_admin@people.osaaf.org|org.onap.music.admin|2020-11-26 12:31:54.000+0000|org.onap.music|admin
-aaf_admin@people.osaaf.org|org.onap.music.owner|2020-11-26 12:31:54.000+0000|org.onap.music|owner
-aaf_admin@people.osaaf.org|org.onap.nbi.admin|2020-11-26 12:31:54.000+0000|org.onap.nbi|admin
-aaf_admin@people.osaaf.org|org.onap.ngi.admin|2020-11-26 12:31:54.000+0000|org.onap.ngi|admin
-aaf_admin@people.osaaf.org|org.onap.oof.admin|2020-11-26 12:31:54.000+0000|org.onap.oof|admin
-aaf_admin@people.osaaf.org|org.onap.policy.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|admin
-aaf_admin@people.osaaf.org|org.onap.pomba.admin|2020-11-26 12:31:54.000+0000|org.onap.pomba|admin
-aaf_admin@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
-aaf_admin@people.osaaf.org|org.onap.refrepo.admin|2020-11-26 12:31:54.000+0000|org.onap.refrepo|admin
-aaf_admin@people.osaaf.org|org.onap.sdc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdc|admin
-aaf_admin@people.osaaf.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
-aaf_admin@people.osaaf.org|org.onap.sdnc-cds.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|admin
-aaf_admin@people.osaaf.org|org.onap.sdnc.owner|2020-11-26 12:31:54.000+0000|org.onap.sdnc|owner
-aaf_admin@people.osaaf.org|org.onap.so.admin|2020-11-26 12:31:54.000+0000|org.onap.so|admin
-aaf_admin@people.osaaf.org|org.onap.vfc.admin|2020-11-26 12:31:54.000+0000|org.onap.vfc|admin
-aaf_admin@people.osaaf.org|org.onap.vid1.admin|2020-11-26 12:31:54.000+0000|org.onap.vid1|admin
-aaf_admin@people.osaaf.org|org.onap.vid2.admin|2020-11-26 12:31:54.000+0000|org.onap.vid2|admin
-aaf_admin@people.osaaf.org|org.onap.vid.admin|2020-11-26 12:31:54.000+0000|org.onap.vid|admin
-aaf_admin@people.osaaf.org|org.onap.uui.admin|2020-11-26 12:31:54.000+0000|org.onap.uui|admin
-aaf_admin@people.osaaf.org|org.osaaf.aaf.admin|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|admin
-aaf_admin@people.osaaf.org|org.osaaf.people.admin|2020-11-26 12:31:54.000+0000|org.osaaf.people|admin
-deployer@people.osaaf.org|org.osaaf.aaf.deploy|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|deploy
-portal_admin@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
-aaf@aaf.osaaf.org|org.admin|2020-11-26 12:31:54.000+0000|org|admin
-aaf@aaf.osaaf.org|org.osaaf.aaf.admin|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|admin
-aaf@aaf.osaaf.org|org.osaaf.aaf.service|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|service
-aaf@aaf.osaaf.org|org.osaaf.people.admin|2020-11-26 12:31:54.000+0000|org.osaaf.people|admin
-osaaf@aaf.osaaf.org|org.osaaf.aaf.admin|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|admin
-a1p@a1p.onap.org|org.onap.a1p.service|2020-11-26 12:31:54.000+0000|org.onap.a1p|service
-aaf-sms@aaf-sms.onap.org|org.onap.aaf-sms.service|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|service
-aai@aai.onap.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
-aai@aai.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-aai@aai.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-aai-resources@aai-resources.onap.org|org.onap.aai-resources.service|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|service
-aai-schema-service@aai-schema-service.onap.org|org.onap.aai-schema-service.service|2020-11-26 12:31:54.000+0000|org.onap.aai-schema-service|service
-aai-traversal@aai-traversal.onap.org|org.onap.aai-traversal.service|2020-11-26 12:31:54.000+0000|org.onap.aai-traversal|service
-appc@appc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-appc@appc.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-appc@appc.onap.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
-appc@appc.onap.org|org.onap.appc.odl|2020-11-26 12:31:54.000+0000|org.onap.appc|odl
-appc@appc.onap.org|org.onap.appc.service|2020-11-26 12:31:54.000+0000|org.onap.appc|service
-appc-cdt@appc-cdt.onap.org|org.onap.appc-cdt.service|2020-11-26 12:31:54.000+0000|org.onap.appc-cdt|service
-cli@cli.onap.org|org.onap.cli.service|2020-11-26 12:31:54.000+0000|org.onap.cli|service
-clamp@clampdemo.onap.org|org.onap.clampdemo.owner|2020-11-26 12:31:54.000+0000|org.onap.clampdemo|owner
-clamp@clampdemo.onap.org|org.onap.clampdemo.service|2020-11-26 12:31:54.000+0000|org.onap.clampdemo|admin
-clamp@clamp.onap.org|org.onap.clamp.clds.admin.dev|2020-11-26 12:31:54.000+0000|org.onap.clamp|clds.admin.dev
-clamp@clamp.onap.org|org.onap.clamp.clds.designer.dev|2020-11-26 12:31:54.000+0000|org.onap.clamp|clds.designer.dev
-clamp@clamp.onap.org|org.onap.clamp.clds.vf_filter_all.dev|2020-11-26 12:31:54.000+0000|org.onap.clamp|clds.vf_filter_all.dev
-clamp@clamp.onap.org|org.onap.clampdemo.owner|2020-11-26 12:31:54.000+0000|org.onap.clampdemo|owner
-clamp@clamp.onap.org|org.onap.clampdemo.service|2020-11-26 12:31:54.000+0000|org.onap.clampdemo|admin
-clamp@clamp.onap.org|org.onap.clamp.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.clamp|seeCerts
-clamp@clamp.onap.org|org.onap.clamp.service|2020-11-26 12:31:54.000+0000|org.onap.clamp|service
-clamp@clamp.onap.org|org.onap.clamptest.owner|2020-11-26 12:31:54.000+0000|org.onap.clamptest|owner
-clamp@clamp.onap.org|org.onap.clamptest.service|2020-11-26 12:31:54.000+0000|org.onap.clamptest|admin
-clamp@clamp.onap.org|org.onap.dmaap.mr.aNewTopic-123451.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|subscriber
-clamp@clamp.onap.org|org.onap.dmaap.mr.dgl000.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl000|subscriber
-clamp@clamp.osaaf.org|org.onap.clamp.service|2020-11-26 12:31:54.000+0000|org.onap.clamp|service
-clamp@clamptest.onap.org|org.onap.clamptest.owner|2020-11-26 12:31:54.000+0000|org.onap.clamptest|owner
-clamp@clamptest.onap.org|org.onap.clamptest.service|2020-11-26 12:31:54.000+0000|org.onap.clamptest|admin
-dcae@dcae.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-dcae@dcae.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-dcae@dcae.onap.org|org.onap.dcae.pmPublisher|2020-11-26 12:31:54.000+0000|org.onap.dcae|pmPublisher
-dcae@dcae.onap.org|org.onap.dcae.pmSubscriber|2020-11-26 12:31:54.000+0000|org.onap.dcae|pmSubscriber
-dcae@dcae.onap.org|org.onap.dcae.pnfPublisher|2020-11-26 12:31:54.000+0000|org.onap.dcae|pnfPublisher
-dcae@dcae.onap.org|org.onap.dcae.pnfSubscriber|2020-11-26 12:31:54.000+0000|org.onap.dcae|pnfSubscriber
-dcae@dcae.onap.org|org.onap.dcae.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dcae|seeCerts
-dcae@dcae.onap.org|org.onap.dmaap-dr.feed.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|feed.admin
-dcae@dcae.onap.org|org.onap.dmaap-dr.sub.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|sub.admin
-dcae@dcae.onap.org|org.onap.dmaap.mr.aNewTopic-123451.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|subscriber
-dcae@dcae.onap.org|org.onap.dmaap.mr.PM_MAPPER.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PM_MAPPER|publisher
-dcae@dcae.onap.org|org.onap.dmaap.mr.PNF_READY.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_READY|pub
-dcae@dcae.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|sub
-holmes-engine-mgmt@holmes-engine-mgmt.onap.org|org.onap.holmes-engine-mgmt.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.holmes-engine-mgmt|seeCerts
-holmes-engine-mgmt@holmes-engine-mgmt.onap.org|org.onap.holmes-engine-mgmt.service|2020-11-26 12:31:54.000+0000|org.onap.holmes-engine-mgmt|service
-holmes-rule-mgmt@holmes-rule-mgmt.onap.org|org.onap.holmes-rule-mgmt.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.holmes-rule-mgmt|seeCerts
-holmes-rule-mgmt@holmes-rule-mgmt.onap.org|org.onap.holmes-rule-mgmt.service|2020-11-26 12:31:54.000+0000|org.onap.holmes-rule-mgmt|service
-oof@oof.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-oof@oof.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-oof@oof.onap.org|org.onap.oof.admin|2020-11-26 12:31:54.000+0000|org.onap.oof|admin
-oof@oof.onap.org|org.onap.oof.service|2020-11-26 12:31:54.000+0000|org.onap.oof|service
-so@so.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-so@so.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-so@so.onap.org|org.onap.appc.service|2020-11-26 12:31:54.000+0000|org.onap.appc|service
-so@so.onap.org|org.onap.sdnc.service|2020-11-26 12:31:54.000+0000|org.onap.sdnc|service
-so@so.onap.org|org.onap.so.admin|2020-11-26 12:31:54.000+0000|org.onap.so|admin
-so@so.onap.org|org.onap.so.app|2020-11-26 12:31:54.000+0000|org.onap.so|app
-so@so.onap.org|org.onap.so.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.so|seeCerts
-sdc@sdc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-sdc@sdc.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-sdnc@sdnc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-sdnc@sdnc.onap.org|org.onap.dmaap.mr.aNewTopic-123451.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|publisher
-sdnc@sdnc.onap.org|org.onap.dmaap.mr.dgl000.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl000|publisher
-sdnc@sdnc.onap.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
-sdnc@sdnc.onap.org|org.onap.sdnc.service|2020-11-26 12:31:54.000+0000|org.onap.sdnc|service
-sdnc-cds@sdnc-cds.onap.org|org.onap.sdnc-cds.service|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|service
-vfc@vfc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-vfc@vfc.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-vfc@vfc.onap.org|org.onap.dmaap-mr.Publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|Publisher
-vfc@vfc.onap.org|org.onap.vfc.service|2020-11-26 12:31:54.000+0000|org.onap.vfc|service
-policy@policy.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-policy@policy.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-policy@policy.onap.org|org.onap.policy.pdpd.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|pdpd.admin
-policy@policy.onap.org|org.onap.policy.pdpx.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|pdpx.admin
-policy@policy.onap.org|org.onap.policy.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.policy|seeCerts
-pomba@pomba.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-pomba@pomba.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-holmes@holmes.onap.org|org.onap.holmes.service|2020-11-26 12:31:54.000+0000|org.onap.holmes|service
-msb-eag@msb-eag.onap.org|org.onap.msb-eag.service|2020-11-26 12:31:54.000+0000|org.onap.msb-eag|service
-msb-iag@msb-iag.onap.org|org.onap.msb-iag.service|2020-11-26 12:31:54.000+0000|org.onap.msb-iag|service
-nbi@nbi.onap.org|org.onap.nbi.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.nbi|seeCerts
-nbi@nbi.onap.org|org.onap.nbi.service|2020-11-26 12:31:54.000+0000|org.onap.nbi|service
-music@music.onap.org|org.onap.music.service|2020-11-26 12:31:54.000+0000|org.onap.music|service
-refrepo@refrepo.onap.org|org.onap.refrepo.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.refrepo|seeCerts
-refrepo@refrepo.onap.org|org.onap.refrepo.service|2020-11-26 12:31:54.000+0000|org.onap.refrepo|service
-vid@vid.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
-vid@vid.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
-vid@vid.onap.org|org.onap.vid.service|2020-11-26 12:31:54.000+0000|org.onap.vid|service
-vid1@people.osaaf.org|org.onap.vid.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.vid|System_Administrator
-vid2@people.osaaf.org|org.onap.vid.Standard_User|2020-11-26 12:31:54.000+0000|org.onap.vid|Standard_User
-vid2@people.osaaf.org|org.onap.vid.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.vid|System_Administrator
-uui@uui.onap.org|org.onap.uui.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.uui|seeCerts
-uui@uui.onap.org|org.onap.uui.service|2020-11-26 12:31:54.000+0000|org.onap.uui|service
-dmaap-bc@bc.dmaap.onap.org|org.onap.dmaap.bc.service|2020-11-26 12:31:54.000+0000|org.onap.dmaap.bc|service
-dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
-dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|seeCerts
-dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.service|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|service
-dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
-dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.dgl000.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl000|admin
-dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.mirrormakeragent.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|admin
-dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.PM_MAPPER.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PM_MAPPER|admin
-dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.topic-001.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-001|admin
-dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.topic-002.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-002|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-bc-topic-mgr.client|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|client
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-dr.feed.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|feed.admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-dr.sub.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|sub.admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-123450.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123450|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-123451.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-1547667570.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-1547667570|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547665517.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547665517|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666628.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666628|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666760.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666760|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666950.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666950|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547667031.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547667031|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-123456.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-123456|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-123457.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-123457|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547660509.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547660509|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547660861.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547660861|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547661011.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547661011|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547662122.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547662122|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547662451.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547662451|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547664813.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547664813|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547664928.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547664928|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547666068.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547666068|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTopic-1547654909.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTopic-1547654909|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.create|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|create
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.destroy|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|destroy
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.dgl_ready.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl_ready|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.IdentityTopic-12345.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.IdentityTopic-1547839476.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormaker.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mirrormaker.admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormaker.user|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mirrormaker.user
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.partitionTest-1546033194.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.partitionTest-1546033194|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.PNF_READY.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_READY|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.topic-000.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-000|admin
-dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.view|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|view
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.create|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|create
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.destroy|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|destroy
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormaker.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mirrormaker.admin
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormaker.user|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mirrormaker.user
-dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.view|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|view
-dmaap-dr@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|seeCerts
-dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|admin
-dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|seeCerts
-dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|admin
-dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|seeCerts
-dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
diff --git a/kubernetes/aaf/components/aaf-cass/templates/NOTES.txt b/kubernetes/aaf/components/aaf-cass/templates/NOTES.txt
deleted file mode 100644
index bd74a42cd5..0000000000
--- a/kubernetes/aaf/components/aaf-cass/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-cass/templates/configmap.yaml b/kubernetes/aaf/components/aaf-cass/templates/configmap.yaml
deleted file mode 100644
index a10bb8a7a1..0000000000
--- a/kubernetes/aaf/components/aaf-cass/templates/configmap.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/*
-# ============LICENSE_START====================================================
-# org.onap.aaf
-# ===========================================================================
-# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
-# ===========================================================================
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-cass-init-dats
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/cass-init-dats/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml
deleted file mode 100644
index 4e18b3b746..0000000000
--- a/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- selector: {{- include "common.selectors" . | nindent 4 }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- spec:
- initContainers:
- - name: fix-permission
- command:
- - /bin/sh
- args:
- - -c
- - |
- echo "*** Move files from configmap to emptyDir"
- cp -L /config-input-dats/* /config-dats/
- echo "*** set righ user to the different folders"
- chown -R 1000:1000 /config-dats
- chown -R 1000:1000 /var/lib/cassandra
- chown -R 1000:1000 /status
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /var/lib/cassandra
- name: aaf-cass-vol
- - mountPath: /config-input-dats
- name: config-cass-init-dats
- - mountPath: /config-dats
- name: config-cass-dats
- - mountPath: /status
- name: aaf-status
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 30m
- memory: 100Mi
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- # installing with cmd "onap" will not only initialize the DB, but add ONAP bootstrap data as well
- command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"]
- ports: {{ include "common.containerPorts" . | nindent 10 }}
- env:
- - name: CASSANDRA_CLUSTER_NAME
- value: {{ .Values.config.cluster_name }}
- - name: CASSANDRA_DC
- value: {{ .Values.config.dc }}
- - name: CQLSH
- value: "/opt/cassandra/bin/cqlsh"
- - name: HEAP_NEWSIZE
- value: {{ .Values.config.heap_new_size }}
- - name: MAX_HEAP_SIZE
- value: {{ .Values.config.max_heap_size }}
- - name: MY_POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: MY_POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: MY_POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- volumeMounts:
- - mountPath: /var/lib/cassandra
- name: aaf-cass-vol
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /opt/app/aaf/cass_init/dats
- name: config-cass-dats
- - mountPath: /opt/app/aaf/status
- name: aaf-status
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: tcp-cql
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: tcp-cql
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity: {{ toYaml .Values.affinity | nindent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: aaf-status
- emptyDir: {}
- - name: aaf-cass-vol
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- - name: config-cass-init-dats
- configMap:
- name: {{ include "common.fullname" . }}-cass-init-dats
- - name: config-cass-dats
- emptyDir: {}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/components/aaf-cass/templates/pv.yaml b/kubernetes/aaf/components/aaf-cass/templates/pv.yaml
deleted file mode 100644
index 187e9b75de..0000000000
--- a/kubernetes/aaf/components/aaf-cass/templates/pv.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.PV" . }}
diff --git a/kubernetes/aaf/components/aaf-cass/templates/service.yaml b/kubernetes/aaf/components/aaf-cass/templates/service.yaml
deleted file mode 100644
index 149a8708a6..0000000000
--- a/kubernetes/aaf/components/aaf-cass/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.service" . }}
diff --git a/kubernetes/aaf/components/aaf-cass/values.yaml b/kubernetes/aaf/components/aaf-cass/values.yaml
deleted file mode 100644
index a1a1abe55a..0000000000
--- a/kubernetes/aaf/components/aaf-cass/values.yaml
+++ /dev/null
@@ -1,96 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-global:
- nodePortPrefix: 302
- persistence:
- enabled: true
- # Standard OOM
- pullPolicy: "Always"
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application configuration
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 120
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
- port: tcp-cql
-
-image: onap/aaf/aaf_cass:2.1.23
-
-config:
- cluster_name: osaaf
- heap_new_size: 512M
- max_heap_size: 1024M
- dc: dc1
-
-readiness:
- initialDelaySeconds: 5
- periodSeconds: 10
-
-service:
- name: aaf-cass
- type: ClusterIP
- ports:
- - name: tcp-intra
- port: 7000
- - name: tls
- port: 7001
- - name: tcp-cql
- port: 9042
- - name: tcp-thrift
- port: 9160
-
-ingress:
- enabled: false
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 2100m
- memory: 1792Mi
- requests:
- cpu: 30m
- memory: 1280Mi
- large:
- limits:
- cpu: 4
- memory: 12000Mi
- requests:
- cpu: 40m
- memory: 9000Mi
- unlimited: {}
-
-persistence:
- enabled: true
- #existingClaim:
- mountPath: /dockerdata-nfs
- mountSubPath: "cass"
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 5Gi
diff --git a/kubernetes/aaf/components/aaf-cm/.helmignore b/kubernetes/aaf/components/aaf-cm/.helmignore
deleted file mode 100644
index daebc7da77..0000000000
--- a/kubernetes/aaf/components/aaf-cm/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aaf/components/aaf-cm/Chart.yaml b/kubernetes/aaf/components/aaf-cm/Chart.yaml
deleted file mode 100644
index 094d21020a..0000000000
--- a/kubernetes/aaf/components/aaf-cm/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T, ZTE
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP AAF Certificate Manager
-name: aaf-cm
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: aaf-templates
- version: ~12.x-0
- repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/components/aaf-cm/templates/NOTES.txt b/kubernetes/aaf/components/aaf-cm/templates/NOTES.txt
deleted file mode 100644
index bd74a42cd5..0000000000
--- a/kubernetes/aaf/components/aaf-cm/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-cm/templates/ingress.yaml b/kubernetes/aaf/components/aaf-cm/templates/ingress.yaml
deleted file mode 100644
index 40b4bba0ce..0000000000
--- a/kubernetes/aaf/components/aaf-cm/templates/ingress.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-
-{{ include "common.ingress" . }}
-
-
diff --git a/kubernetes/aaf/components/aaf-cm/templates/service.yaml b/kubernetes/aaf/components/aaf-cm/templates/service.yaml
deleted file mode 100644
index ea95e44497..0000000000
--- a/kubernetes/aaf/components/aaf-cm/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Orange
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.service" . }}
diff --git a/kubernetes/aaf/components/aaf-cm/values.yaml b/kubernetes/aaf/components/aaf-cm/values.yaml
deleted file mode 100644
index a8159dc2cd..0000000000
--- a/kubernetes/aaf/components/aaf-cm/values.yaml
+++ /dev/null
@@ -1,94 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global:
- nodePortPrefix: 302
- persistence:
- enabled: true
- # Standard OOM
- pullPolicy: "Always"
-
- aaf:
- image: onap/aaf/aaf_core:2.1.23
- config:
- image: onap/aaf/aaf_config:2.1.23
-
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-replicaCount: 1
-
-binary: cm
-
-sequence_order:
- - service
- - locate
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
- port: api
-
-readiness:
- initialDelaySeconds: 5
- periodSeconds: 10
- port: api
-
-service:
- name: aaf-cm
- type: ClusterIP
- ports:
- - name: api
- protocol: http
- port: 8150
-
-ingress:
- enabled: false
- service:
- - baseaddr: "aaf-cm-api"
- name: "aaf-cm"
- port: 8150
- config:
- ssl: "redirect"
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 400m
- memory: 300Mi
- requests:
- cpu: 1m
- memory: 200Mi
- large:
- limits:
- cpu: 400m
- memory: 1Gi
- requests:
- cpu: 40m
- memory: 600Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-fs/.helmignore b/kubernetes/aaf/components/aaf-fs/.helmignore
deleted file mode 100644
index f0c1319444..0000000000
--- a/kubernetes/aaf/components/aaf-fs/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aaf/components/aaf-fs/Chart.yaml b/kubernetes/aaf/components/aaf-fs/Chart.yaml
deleted file mode 100644
index 4573a51c19..0000000000
--- a/kubernetes/aaf/components/aaf-fs/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP AAF File Server
-name: aaf-fs
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: aaf-templates
- version: ~12.x-0
- repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/components/aaf-fs/templates/NOTES.txt b/kubernetes/aaf/components/aaf-fs/templates/NOTES.txt
deleted file mode 100644
index bd74a42cd5..0000000000
--- a/kubernetes/aaf/components/aaf-fs/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml
deleted file mode 100644
index 5d40538e49..0000000000
--- a/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Orange
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "aaf.deployment" . }}
diff --git a/kubernetes/aaf/components/aaf-fs/templates/ingress.yaml b/kubernetes/aaf/components/aaf-fs/templates/ingress.yaml
deleted file mode 100644
index 40b4bba0ce..0000000000
--- a/kubernetes/aaf/components/aaf-fs/templates/ingress.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-
-{{ include "common.ingress" . }}
-
-
diff --git a/kubernetes/aaf/components/aaf-fs/templates/service.yaml b/kubernetes/aaf/components/aaf-fs/templates/service.yaml
deleted file mode 100644
index ea95e44497..0000000000
--- a/kubernetes/aaf/components/aaf-fs/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Orange
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.service" . }}
diff --git a/kubernetes/aaf/components/aaf-fs/values.yaml b/kubernetes/aaf/components/aaf-fs/values.yaml
deleted file mode 100644
index a0e9fe9bae..0000000000
--- a/kubernetes/aaf/components/aaf-fs/values.yaml
+++ /dev/null
@@ -1,95 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global:
- nodePortPrefix: 302
- persistence:
- enabled: true
- # Standard OOM
- pullPolicy: "Always"
-
- aaf:
- image: onap/aaf/aaf_core:2.1.23
- config:
- image: onap/aaf/aaf_config:2.1.23
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-pullPolicy: Always
-
-replicaCount: 1
-
-binary: fs
-
-sequence_order:
- - service
- - locate
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 120
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
- port: api
-
-readiness:
- initialDelaySeconds: 5
- periodSeconds: 10
- port: api
-
-service:
- name: aaf-fs
- type: ClusterIP
- ports:
- - name: api
- port: 8096
- protocol: http
-
-ingress:
- enabled: false
- service:
- - baseaddr: "aaf-fs-api"
- name: "aaf-fs"
- port: 8096
- config:
- ssl: "none"
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 200m
- memory: 110Mi
- requests:
- cpu: 1m
- memory: 80Mi
- large:
- limits:
- cpu: 500m
- memory: 700Mi
- requests:
- cpu: 100m
- memory: 400Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-gui/.helmignore b/kubernetes/aaf/components/aaf-gui/.helmignore
deleted file mode 100644
index f0c1319444..0000000000
--- a/kubernetes/aaf/components/aaf-gui/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aaf/components/aaf-gui/Chart.yaml b/kubernetes/aaf/components/aaf-gui/Chart.yaml
deleted file mode 100644
index 4e49314946..0000000000
--- a/kubernetes/aaf/components/aaf-gui/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP AAF GUI
-name: aaf-gui
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: aaf-templates
- version: ~12.x-0
- repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/components/aaf-gui/templates/NOTES.txt b/kubernetes/aaf/components/aaf-gui/templates/NOTES.txt
deleted file mode 100644
index bd74a42cd5..0000000000
--- a/kubernetes/aaf/components/aaf-gui/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml
deleted file mode 100644
index 5d40538e49..0000000000
--- a/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Orange
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "aaf.deployment" . }}
diff --git a/kubernetes/aaf/components/aaf-gui/templates/ingress.yaml b/kubernetes/aaf/components/aaf-gui/templates/ingress.yaml
deleted file mode 100644
index 40b4bba0ce..0000000000
--- a/kubernetes/aaf/components/aaf-gui/templates/ingress.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-
-{{ include "common.ingress" . }}
-
-
diff --git a/kubernetes/aaf/components/aaf-gui/templates/service.yaml b/kubernetes/aaf/components/aaf-gui/templates/service.yaml
deleted file mode 100644
index ea95e44497..0000000000
--- a/kubernetes/aaf/components/aaf-gui/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Orange
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.service" . }}
diff --git a/kubernetes/aaf/components/aaf-gui/values.yaml b/kubernetes/aaf/components/aaf-gui/values.yaml
deleted file mode 100644
index fd416b64dc..0000000000
--- a/kubernetes/aaf/components/aaf-gui/values.yaml
+++ /dev/null
@@ -1,95 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global:
- nodePortPrefix: 302
- persistence:
- enabled: true
- # Standard OOM
- pullPolicy: "Always"
-
- aaf:
- image: onap/aaf/aaf_core:2.1.23
- config:
- image: onap/aaf/aaf_config:2.1.23
-
-flavor: small
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-pullPolicy: Always
-
-replicaCount: 1
-
-binary: gui
-
-sequence_order:
- - service
- - locate
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
- port: gui
-
-readiness:
- initialDelaySeconds: 5
- periodSeconds: 10
- port: gui
-
-service:
- name: aaf-gui
- type: NodePort
- ports:
- - name: gui
- protocol: http
- port: 8200
- nodePort: 51
-
-ingress:
- enabled: false
- service:
- - baseaddr: "aaf-ui"
- name: "aaf-gui"
- port: 8200
- config:
- ssl: "redirect"
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 200m
- memory: 280Mi
- requests:
- cpu: 1m
- memory: 170Mi
- large:
- limits:
- cpu: 200m
- memory: 1Gi
- requests:
- cpu: 100m
- memory: 500Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-locate/.helmignore b/kubernetes/aaf/components/aaf-locate/.helmignore
deleted file mode 100644
index f0c1319444..0000000000
--- a/kubernetes/aaf/components/aaf-locate/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aaf/components/aaf-locate/Chart.yaml b/kubernetes/aaf/components/aaf-locate/Chart.yaml
deleted file mode 100644
index 8cb2cf6324..0000000000
--- a/kubernetes/aaf/components/aaf-locate/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP AAF Locate
-name: aaf-locate
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: aaf-templates
- version: ~12.x-0
- repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/components/aaf-locate/templates/NOTES.txt b/kubernetes/aaf/components/aaf-locate/templates/NOTES.txt
deleted file mode 100644
index bd74a42cd5..0000000000
--- a/kubernetes/aaf/components/aaf-locate/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml
deleted file mode 100644
index 656aa1746d..0000000000
--- a/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "aaf.deployment" . }}
diff --git a/kubernetes/aaf/components/aaf-locate/templates/ingress.yaml b/kubernetes/aaf/components/aaf-locate/templates/ingress.yaml
deleted file mode 100644
index 1b33c1f8d1..0000000000
--- a/kubernetes/aaf/components/aaf-locate/templates/ingress.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-
-{{ include "common.ingress" . }}
diff --git a/kubernetes/aaf/components/aaf-locate/templates/service.yaml b/kubernetes/aaf/components/aaf-locate/templates/service.yaml
deleted file mode 100644
index ea95e44497..0000000000
--- a/kubernetes/aaf/components/aaf-locate/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Orange
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.service" . }}
diff --git a/kubernetes/aaf/components/aaf-locate/values.yaml b/kubernetes/aaf/components/aaf-locate/values.yaml
deleted file mode 100644
index 86a93214e7..0000000000
--- a/kubernetes/aaf/components/aaf-locate/values.yaml
+++ /dev/null
@@ -1,92 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global:
- nodePortPrefix: 302
- persistence:
- enabled: true
- # Standard OOM
- pullPolicy: "Always"
-
- aaf:
- image: onap/aaf/aaf_core:2.1.23
- config:
- image: onap/aaf/aaf_config:2.1.23
-
-
-flavor: small
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-replicaCount: 1
-
-binary: locate
-
-sequence_order:
- - service
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
- port: api
-
-readiness:
- initialDelaySeconds: 5
- periodSeconds: 10
- port: api
-
-service:
- name: aaf-locate
- type: ClusterIP
- ports:
- - name: api
- protocol: http
- port: 8095
-
-ingress:
- enabled: false
- service:
- - baseaddr: "aaf-locate-api"
- name: "aaf-locate"
- port: 8095
- config:
- ssl: "redirect"
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 500m
- memory: 320Mi
- requests:
- cpu: 1m
- memory: 210Mi
- large:
- limits:
- cpu: 400m
- memory: 1Gi
- requests:
- cpu: 40m
- memory: 500Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-oauth/.helmignore b/kubernetes/aaf/components/aaf-oauth/.helmignore
deleted file mode 100644
index f0c1319444..0000000000
--- a/kubernetes/aaf/components/aaf-oauth/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aaf/components/aaf-oauth/Chart.yaml b/kubernetes/aaf/components/aaf-oauth/Chart.yaml
deleted file mode 100644
index edd932d51c..0000000000
--- a/kubernetes/aaf/components/aaf-oauth/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP AAF OAuth
-name: aaf-oauth
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: aaf-templates
- version: ~12.x-0
- repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt b/kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt
deleted file mode 100644
index bd74a42cd5..0000000000
--- a/kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml
deleted file mode 100644
index 656aa1746d..0000000000
--- a/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "aaf.deployment" . }}
diff --git a/kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml b/kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml
deleted file mode 100644
index 1b33c1f8d1..0000000000
--- a/kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-
-{{ include "common.ingress" . }}
diff --git a/kubernetes/aaf/components/aaf-oauth/templates/service.yaml b/kubernetes/aaf/components/aaf-oauth/templates/service.yaml
deleted file mode 100644
index ea95e44497..0000000000
--- a/kubernetes/aaf/components/aaf-oauth/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Orange
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.service" . }}
diff --git a/kubernetes/aaf/components/aaf-oauth/values.yaml b/kubernetes/aaf/components/aaf-oauth/values.yaml
deleted file mode 100644
index a103fb2e22..0000000000
--- a/kubernetes/aaf/components/aaf-oauth/values.yaml
+++ /dev/null
@@ -1,95 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global:
- nodePortPrefix: 302
- persistence:
- enabled: true
- # Standard OOM
- pullPolicy: "Always"
-
- aaf:
- image: onap/aaf/aaf_core:2.1.23
- config:
- image: onap/aaf/aaf_config:2.1.23
-
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-
-replicaCount: 1
-
-binary: oauth
-
-sequence_order:
- - service
- - locate
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
- port: api
-
-readiness:
- initialDelaySeconds: 5
- periodSeconds: 10
- port: api
-
-service:
- name: aaf-oauth
- type: ClusterIP
- ports:
- - name: api
- protocol: http
- port: 8140
-
-ingress:
- enabled: false
- service:
- - baseaddr: "aaf-oauth-api"
- name: "aaf-oauth"
- port: 8140
- config:
- ssl: "redirect"
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 40m
- memory: 320Mi
- requests:
- cpu: 1m
- memory: 210Mi
- large:
- limits:
- cpu: 400m
- memory: 600Mi
- requests:
- cpu: 40m
- memory: 200Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-service/.helmignore b/kubernetes/aaf/components/aaf-service/.helmignore
deleted file mode 100644
index f0c1319444..0000000000
--- a/kubernetes/aaf/components/aaf-service/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/aaf/components/aaf-service/Chart.yaml b/kubernetes/aaf/components/aaf-service/Chart.yaml
deleted file mode 100644
index 3aafca3278..0000000000
--- a/kubernetes/aaf/components/aaf-service/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP AAF Service
-name: aaf-service
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: aaf-templates
- version: ~12.x-0
- repository: 'file://../aaf-templates' \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-service/templates/deployment.yaml b/kubernetes/aaf/components/aaf-service/templates/deployment.yaml
deleted file mode 100644
index 656aa1746d..0000000000
--- a/kubernetes/aaf/components/aaf-service/templates/deployment.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "aaf.deployment" . }}
diff --git a/kubernetes/aaf/components/aaf-service/templates/ingress.yaml b/kubernetes/aaf/components/aaf-service/templates/ingress.yaml
deleted file mode 100644
index 40b4bba0ce..0000000000
--- a/kubernetes/aaf/components/aaf-service/templates/ingress.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-
-{{ include "common.ingress" . }}
-
-
diff --git a/kubernetes/aaf/components/aaf-service/templates/service.yaml b/kubernetes/aaf/components/aaf-service/templates/service.yaml
deleted file mode 100644
index ea95e44497..0000000000
--- a/kubernetes/aaf/components/aaf-service/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Orange
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.service" . }}
diff --git a/kubernetes/aaf/components/aaf-service/values.yaml b/kubernetes/aaf/components/aaf-service/values.yaml
deleted file mode 100644
index a6f3c5dc4e..0000000000
--- a/kubernetes/aaf/components/aaf-service/values.yaml
+++ /dev/null
@@ -1,94 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global:
- nodePortPrefix: 302
- persistence:
- enabled: true
- # Standard OOM
- pullPolicy: "Always"
-
- aaf:
- image: onap/aaf/aaf_core:2.1.23
- config:
- image: onap/aaf/aaf_config:2.1.23
-
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-
-replicaCount: 1
-
-binary: service
-
-sequence_order:
- - cass
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
- port: api
-
-readiness:
- initialDelaySeconds: 5
- periodSeconds: 10
- port: api
-
-service:
- name: aaf-service
- type: ClusterIP
- ports:
- - name: api
- port: 8100
- protocol: http
-
-ingress:
- enabled: false
- service:
- - baseaddr: "aaf-service-api"
- name: "aaf-service"
- port: 8100
- config:
- ssl: "redirect"
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 250m
- memory: 360Mi
- requests:
- cpu: 10m
- memory: 250Mi
- large:
- limits:
- cpu: 400m
- memory: 1Gi
- requests:
- cpu: 40m
- memory: 300Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-sms/Chart.yaml b/kubernetes/aaf/components/aaf-sms/Chart.yaml
deleted file mode 100644
index ef34888493..0000000000
--- a/kubernetes/aaf/components/aaf-sms/Chart.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Secret Management Service
-name: aaf-sms
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- - name: aaf-sms-quorumclient
- version: ~12.x-0
- repository: 'file://components/aaf-sms-quorumclient'
- - name: aaf-sms-vault
- version: ~12.x-0
- repository: 'file://components/aaf-sms-vault'
diff --git a/kubernetes/aaf/components/aaf-sms/Makefile b/kubernetes/aaf/components/aaf-sms/Makefile
deleted file mode 100644
index ef273d0e9b..0000000000
--- a/kubernetes/aaf/components/aaf-sms/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts docker
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/aaf/components/aaf-sms/components/Makefile b/kubernetes/aaf/components/aaf-sms/components/Makefile
deleted file mode 100644
index 79ba2fb47e..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml
deleted file mode 100644
index 5af948eddc..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Secret Management Service Quorum Client
-name: aaf-sms-quorumclient
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/resources/config/config.json b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/resources/config/config.json
deleted file mode 100644
index 3a43f00019..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/resources/config/config.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "url":"https://aaf-sms.{{ include "common.namespace" . }}:10443",
- "cafile": "/quorumclient/certs/aaf_root_ca.cer",
- "clientcert":"client.cert",
- "clientkey":"client.key",
- "timeout":"10s"
-} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/pv.yaml
deleted file mode 100644
index d855ae6fdf..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/pv.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- $global := . }}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
-{{- if eq "True" (include "common.needPV" .) }}
-{{- range $i := until (int $global.Values.replicaCount)}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" $global }}-data-{{ $i }}
- namespace: {{ include "common.namespace" $global }}
- labels:
- app: {{ include "common.name" $global }}
- chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" $global }}"
- heritage: "{{ $global.Release.Service }}"
- name: {{ include "common.fullname" $global }}
-spec:
- capacity:
- storage: {{ $global.Values.persistence.size}}
- accessModes:
- - {{ $global.Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" $global }}-data"
- hostPath:
- path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
-{{if ne $i (int $global.Values.replicaCount) }}
----
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml
deleted file mode 100644
index 85d62019d4..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-# Modifications © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- serviceName: {{ include "common.servicename" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
-{{- if .Values.persistence.enabled }}
- initContainers:
- - name: fix-permission
- command:
- - /bin/sh
- args:
- - -c
- - |
- chmod -R 775 /quorumclient/auth
- chown -R 100:1000 /quorumclient/auth
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /quorumclient/auth
- name: {{ include "common.fullname" . }}-data
-{{- end }}
- containers:
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- name: {{ include "common.name" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/quorumclient/bin/quorumclient"]
- workingDir: /quorumclient/
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /quorumclient/config.json
- name: {{ include "common.name" .}}
- subPath: config.json
-{{- if .Values.persistence.enabled }}
- - mountPath: /quorumclient/auth
- name: {{ include "common.fullname" . }}-data
-{{- end }}
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name : {{ include "common.name" . }}
- configMap:
- name: {{ include "common.fullname" . }}
- items:
- - key: config.json
- path: config.json
- mode: 0755
-{{- if .Values.persistence.enabled }}
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname" . }}-data
- labels:
- name: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/values.yaml
deleted file mode 100644
index d41d31ce82..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/values.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- persistence: {}
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/aaf/smsquorumclient:4.0.2
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-# default number of instances
-replicaCount: 3
-
-nodeSelector: {}
-
-affinity: {}
-
-service:
- name: aaf-sms
-
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 10Mi
- mountPath: /dockerdata-nfs
- mountSubPath: sms/quorum/data
-
-ingress:
- enabled: false
-
-flavor: small
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 40m
- memory: 40Mi
- requests:
- cpu: 1m
- memory: 10Mi
- large:
- limits:
- cpu: 400m
- memory: 700Mi
- requests:
- cpu: 10m
- memory: 100Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml
deleted file mode 100644
index 44554e3432..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Chart to launch Vault as SMS backend
-name: aaf-sms-vault
-appVersion: 0.9.5
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/configmap.yaml
deleted file mode 100644
index 0d09221644..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/configmap.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-vault
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
- config.json: |
- {{ .Values.config.vault | toJson }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-consul
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
- config.json: |
- {{ .Values.config.consul | toJson }}
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/pv.yaml
deleted file mode 100644
index d855ae6fdf..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/pv.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- $global := . }}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
-{{- if eq "True" (include "common.needPV" .) }}
-{{- range $i := until (int $global.Values.replicaCount)}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" $global }}-data-{{ $i }}
- namespace: {{ include "common.namespace" $global }}
- labels:
- app: {{ include "common.name" $global }}
- chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" $global }}"
- heritage: "{{ $global.Release.Service }}"
- name: {{ include "common.fullname" $global }}
-spec:
- capacity:
- storage: {{ $global.Values.persistence.size}}
- accessModes:
- - {{ $global.Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" $global }}-data"
- hostPath:
- path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
-{{if ne $i (int $global.Values.replicaCount) }}
----
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/service.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/service.yaml
deleted file mode 100644
index b642e39540..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/service.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - name: {{ .Values.service.portName }}
- {{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }}
- {{- else -}}
- port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- {{- end}}
- protocol: TCP
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml
deleted file mode 100644
index f92847f7f2..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml
+++ /dev/null
@@ -1,118 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-# Modifications © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- serviceName: {{ include "common.servicename" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
-{{- if .Values.persistence.enabled }}
- initContainers:
- - name: fix-permission
- command:
- - /bin/sh
- args:
- - -c
- - |
- chmod -R 775 /consul/data
- chown -R 100:1000 /consul/data
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /consul/data
- name: {{ include "common.fullname" . }}-data
-{{- end }}
- containers:
- - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.vault }}
- name: {{ include "common.name" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- args: ["server"]
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- volumeMounts:
- - mountPath: /vault/config/config.json
- name: {{ include "common.fullname" . }}-vault
- subPath: config.json
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- resources: {{ include "common.resources" . | nindent 10 }}
- - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.consul }}
- name: {{ include "common.name" . }}-backend
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- args: ["agent","-server","-bind","0.0.0.0","-bootstrap-expect=1","-config-file","/consul/config/config.json"]
- ports:
- - name: http
- containerPort: 8500
- volumeMounts:
-{{- if .Values.persistence.enabled }}
- - mountPath: /consul/data
- name: {{ include "common.fullname" . }}-data
-{{- end }}
- - mountPath: /consul/config/config.json
- name: {{ include "common.fullname" . }}-consulconfiguration
- subPath: config.json
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- resources: {{ include "common.resources" . | nindent 10 }}
- volumes:
- - name: {{ include "common.fullname" . }}-consulconfiguration
- configMap:
- name: {{ include "common.fullname" . }}-consul
- - name: {{ include "common.fullname" . }}-vault
- configMap:
- name: {{ include "common.fullname" . }}-vault
- - name: localtime
- hostPath:
- path: /etc/localtime
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
-{{- if .Values.persistence.enabled }}
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname" . }}-data
- labels:
- name: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/values.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/values.yaml
deleted file mode 100644
index e170ce7ef5..0000000000
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/values.yaml
+++ /dev/null
@@ -1,109 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- persistence: {}
-
-# application image
-image:
- consul: library/consul:1.7.1
- vault: library/vault:1.3.3
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-config:
- consul:
- server: true
- log_level: INFO
- data_dir: '/consul/data'
- ports:
- http: 8500
- https: -1
-
- vault:
- storage:
- consul:
- address: localhost:8500
- path: smsvault
- listener:
- tcp:
- address: '[::]:8200'
- tls_disable: true
- disable_mlock: true
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: sms/consul/data
-
-service:
- type: ClusterIP
- name: aaf-sms-db
- portName: aaf-sms-db
- internalPort: 8200
- externalPort: 8200
-
-ingress:
- enabled: false
-
-flavor: small
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 400m
- memory: 80Mi
- requests:
- cpu: 40m
- memory: 40Mi
- large:
- limits:
- cpu: 400m
- memory: 700Mi
- requests:
- cpu: 40m
- memory: 100Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem b/kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem
deleted file mode 100644
index 7939846bf0..0000000000
--- a/kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
-RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
-MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
-A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
-neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
-o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
-nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
-v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
-15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
-gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
-M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
-BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
-AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
-ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
-u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
-+pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
-QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
-8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
-kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
-aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
-uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
-tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
-BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
------END CERTIFICATE-----
diff --git a/kubernetes/aaf/components/aaf-sms/resources/config/has.json b/kubernetes/aaf/components/aaf-sms/resources/config/has.json
deleted file mode 100644
index ef42ce98d3..0000000000
--- a/kubernetes/aaf/components/aaf-sms/resources/config/has.json
+++ /dev/null
@@ -1,51 +0,0 @@
-{
- "domain": {
- "name": "has",
- "secrets": [
- {
- "name": "aai",
- "values": {
- "username": "${AAI_USER}",
- "password": "${AAI_PASS}"
- }
- },
- {
- "name": "conductor_api",
- "values": {
- "username": "${CONDUCTOR_USER}",
- "password": "${CONDUCTOR_PASS}"
- }
- },
- {
- "name": "sdnc",
- "values": {
- "username": "${SDNC_USER}",
- "password": "${SDNC_PASS}"
- }
- },
- {
- "name": "music_api",
- "values": {
- "aafuser": "${MUSIC_USER}",
- "aafpass": "${MUSIC_PASS}",
- "aafns": "conductor"
- }
- },
- {
- "name": "aaf_api",
- "values": {
- "username": "${AAF_USER}",
- "password": "${AAF_PASS}",
- "aaf_conductor_user": "oof@oof.onap.org"
- }
- },
- {
- "name": "sdc",
- "values": {
- "username": "${SDC_USER}",
- "password": "${SDC_PASS}"
- }
- }
- ]
- }
-}
diff --git a/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json
deleted file mode 100644
index c14f7ee4ba..0000000000
--- a/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json
+++ /dev/null
@@ -1,112 +0,0 @@
-{
- "domain": {
- "name": "osdf",
- "secrets": [
- {
- "name": "so",
- "values": {
- "UserName": "${SO_USER}",
- "Password": "${SO_PASS}"
- }
- },
- {
- "name": "conductor",
- "values": {
- "UserName": "${CONDUCTOR_USER}",
- "Password": "${CONDUCTOR_PASS}"
- }
- },
- {
- "name": "policyPlatform",
- "values": {
- "UserName": "${POLICY_PLAT_USER}",
- "Password": "${POLICY_PLAT_PASS}"
- }
- },
- {
- "name": "policyClient",
- "values": {
- "UserName": "${POLICY_CLI_USER}",
- "Password": "${POLICY_CLI_PASS}"
- }
- },
- {
- "name": "dmaap",
- "values": {
- "UserName": "NA",
- "Password": "NA"
- }
- },
- {
- "name": "sdc",
- "values": {
- "UserName": "NA",
- "Password": "NA"
- }
- },
- {
- "name": "osdfPlacement",
- "values": {
- "UserName": "${OSDF_PLACEMENT_USER}",
- "Password": "${OSDF_PLACEMENT_PASS}"
- }
- },
- {
- "name": "osdfPlacementSO",
- "values": {
- "UserName": "${OSDF_PLACEMENT_SO_USER}",
- "Password": "${OSDF_PLACEMENT_SO_PASS}"
- }
- },
- {
- "name": "osdfPlacementVFC",
- "values": {
- "UserName": "${OSDF_PLACEMENT_VFC_USER}",
- "Password": "${OSDF_PLACEMENT_VFC_PASS}"
- }
- },
- {
- "name": "osdfCMScheduler",
- "values": {
- "UserName": "${OSDF_CM_SCHEDULER_USER}",
- "Password": "${OSDF_CM_SCHEDULER_PASS}"
- }
- },
- {
- "name": "configDb",
- "values": {
- "UserName": "${CONFIG_DB_USER}",
- "Password": "${CONFIG_DB_PASS}"
- }
- },
- {
- "name": "pciHMS",
- "values": {
- "UserName": "",
- "Password": ""
- }
- },
- {
- "name": "osdfPCIOpt",
- "values": {
- "UserName": "${OSDF_PCI_OPT_USER}",
- "Password": "${OSDF_PCI_OPT_PASS}"
- }
- },
- {
- "name": "osdfOptEngine",
- "values": {
- "UserName": "${OSDF_OPT_ENGINE_USER}",
- "Password": "${OSDF_OPT_ENGINE_PASS}"
- }
- }{{ if .Values.cps.enabled }},
- {
- "name": "cps",
- "values": {
- "UserName": "${CPS_USER}",
- "Password": "${CPS_PASS}"
- }
- }{{ end }}
- ]
- }
-}
diff --git a/kubernetes/aaf/components/aaf-sms/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/templates/configmap.yaml
deleted file mode 100644
index a74fe277b7..0000000000
--- a/kubernetes/aaf/components/aaf-sms/templates/configmap.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
- smsconfig.json: |
- {{ .Values.config | toJson }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-preload
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-preload
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml
deleted file mode 100644
index b019dbfa4b..0000000000
--- a/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml
+++ /dev/null
@@ -1,148 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-# Modifications © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers: {{ include "common.certInitializer.initContainer" . | nindent 8 }}
- # Currently intermediate certificate is not given by AAF CM so we need
- # to give it "by hand"
- {{- if .Values.global.aafEnabled }}
- - name: {{ include "common.fullname" . }}-add-intermediate-cert
- command:
- - /bin/sh
- args:
- - -c
- - |
- cat /int-certs/intermediate_root_ca.pem >> {{ .Values.certInitializer.mountPath }}/local/org.onap.aaf-sms.crt
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 12 }}
- - mountPath: /int-certs
- name: {{ include "common.fullname" . }}-int-certs
- readOnly: true
- {{- end }}
- - name: {{ include "common.fullname" . }}-fix-permission
- command:
- - /bin/sh
- args:
- - -c
- - |
- chmod -R 775 /sms/auth
- chown -R 1000:1000 /sms/auth
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /sms/auth
- name: {{ include "common.fullname" . }}-auth
- - name: {{ include "common.name" . }}-readiness
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /app/ready.py
- args:
- - --container-name
- - "aaf-sms-vault"
- - --container-name
- - "aaf-sms-vault-backend"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- containers:
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}
- command: ["/sms/bin/sms"]
- workingDir: /sms/
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- httpGet:
- port: {{ .Values.service.internalPort }}
- scheme: HTTPS
- path: /v1/sms/quorum/status
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- httpGet:
- port: {{ .Values.service.internalPort }}
- scheme: HTTPS
- path: /v1/sms/quorum/status
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /sms/smsconfig.json
- name: {{ include "common.name" .}}
- subPath: smsconfig.json
- - mountPath: /sms/auth
- name: {{ include "common.fullname" . }}-auth
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name : {{ include "common.name" . }}
- configMap:
- name: {{ include "common.fullname" . }}
- {{- if .Values.global.aafEnabled }}
- - name: {{ include "common.fullname" . }}-int-certs
- secret:
- secretName: {{ include "common.fullname" . }}-int-certs
- {{- end }}
- - name: {{ include "common.fullname" . }}-auth
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
deleted file mode 100644
index 5aaea57450..0000000000
--- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml
+++ /dev/null
@@ -1,216 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ include "common.fullname" . }}-preload
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- - command:
- - sh
- args:
- - -c
- - "export AAI_PASS=${AAI_PASS_PLAIN};
- export CONDUCTOR_PASS=${CONDUCTOR_PASS_PLAIN};
- export SDNC_PASS=${SDNC_PASS_PLAIN};
- export MUSIC_PASS=${MUSIC_PASS_PLAIN};
- export AAF_PASS=${AAF_PASS_PLAIN};
- export POLICY_PLAT_PASS=${POLICY_PLAT_PASS_PLAIN};
- export POLICY_CLI_PASS=${POLICY_CLI_PASS_PLAIN};
- export OSDF_PLACEMENT_PASS=${OSDF_PLACEMENT_PASS_PLAIN};
- export OSDF_PLACEMENT_SO_PASS=${OSDF_PLACEMENT_SO_PASS_PLAIN};
- export OSDF_PLACMENET_VFC_PASS=${OSDF_PLACEMENT_VFC_PASS_PLAIN};
- export OSDF_CM_SCHEDULER_PASS=${OSDF_CM_SCHEDULER_PASS_PLAIN};
- export CONFIG_DB_PASS=${CONFIG_DB_PASS_PLAIN};
- export OSDF_PCI_OPT_PASS=${OSDF_PCI_OPT_PASS_PLAIN};
- export OSDF_OPT_ENGINE_PASS=${OSDF_OPT_ENGINE_PASS_PLAIN};
- export SO_PASS=${SO_PASS_PLAIN};
- export SDC_PASS=${SDC_PASS_PLAIN};
- {{- if .Values.cps.enabled }}
- export CPS_PASS=${CPS_PASS_PLAIN};
- {{- end }}
- cd /config-input;
- for PFILE in `find . -not -type d | grep -v -F ..`; do
- envsubst <${PFILE} >/config/${PFILE};
- done"
- env:
- - name: AAI_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-creds" "key" "login") | indent 10 }}
- - name: AAI_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-creds" "key" "password") | indent 10 }}
-
- - name: CONDUCTOR_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "conductor-creds" "key" "login") | indent 10 }}
- - name: CONDUCTOR_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "conductor-creds" "key" "password") | indent 10 }}
-
- - name: SDNC_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-creds" "key" "login") | indent 10 }}
- - name: SDNC_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-creds" "key" "password") | indent 10 }}
-
- - name: MUSIC_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "music-creds" "key" "login") | indent 10 }}
- - name: MUSIC_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "music-creds" "key" "password") | indent 10 }}
-
- - name: AAF_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aaf-creds" "key" "login") | indent 10 }}
- - name: AAF_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aaf-creds" "key" "password") | indent 10 }}
-
- - name: POLICY_PLAT_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-plat-creds" "key" "login") | indent 10 }}
- - name: POLICY_PLAT_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-plat-creds" "key" "password") | indent 10 }}
-
- - name: POLICY_CLI_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-cli-creds" "key" "login") | indent 10 }}
- - name: POLICY_CLI_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-cli-creds" "key" "password") | indent 10 }}
-
- - name: OSDF_PLACEMENT_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-placement-creds" "key" "login") | indent 10 }}
- - name: OSDF_PLACEMENT_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-placement-creds" "key" "password") | indent 10 }}
-
- - name: OSDF_PLACEMENT_SO_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-placement-so-creds" "key" "login") | indent 10 }}
- - name: OSDF_PLACEMENT_SO_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-placement-so-creds" "key" "password") | indent 10 }}
-
- - name: OSDF_PLACEMENT_VFC_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-placement-vfc-creds" "key" "login") | indent 10 }}
- - name: OSDF_PLACEMENT_VFC_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-placement-vfc-creds" "key" "password") | indent 10 }}
-
- - name: OSDF_CM_SCHEDULER_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-cm-scheduler-creds" "key" "login") | indent 10 }}
- - name: OSDF_CM_SCHEDULER_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-cm-scheduler-creds" "key" "password") | indent 10 }}
-
- - name: CONFIG_DB_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "config-db-creds" "key" "login") | indent 10 }}
- - name: CONFIG_DB_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "config-db-creds" "key" "password") | indent 10 }}
-
- - name: OSDF_PCI_OPT_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-pci-opt-creds" "key" "login") | indent 10 }}
- - name: OSDF_PCI_OPT_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-pci-opt-creds" "key" "password") | indent 10 }}
-
- - name: OSDF_OPT_ENGINE_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-opt-engine-creds" "key" "login") | indent 10 }}
- - name: OSDF_OPT_ENGINE_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-opt-engine-creds" "key" "password") | indent 10 }}
-
- - name: SO_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-creds" "key" "login") | indent 10 }}
- - name: SO_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-creds" "key" "password") | indent 10 }}
-
- - name: SDC_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "login") | indent 10 }}
- - name: SDC_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "password") | indent 10 }}
- {{- if .Values.cps.enabled }}
- - name: CPS_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 10 }}
- - name: CPS_PASS_PLAIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 10 }}
- {{- end }}
-
- volumeMounts:
- - mountPath: /config-input
- name: {{ include "common.name" . }}-preload-input
- - mountPath: /config/
- name: {{ include "common.name" . }}-preload
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-update-config
- - image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- - "aaf-sms"
- - --container-name
- - "aaf-sms-quorumclient"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- containers:
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-preload
- command:
- - "/sms/bin/preload"
- - "-cacert"
- - "{{ .Values.certInitializer.mountPath }}/local/{{ .Values.certInitializer.root_ca_name }}"
- - "-jsondir"
- - "/preload/config"
- - "-serviceport"
- - "{{ .Values.service.internalPort }}"
- - "-serviceurl"
- - "https://aaf-sms.{{ include "common.namespace" . }}"
- workingDir: /sms
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /preload/config
- name: {{ include "common.name" . }}-preload
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- {{ include "common.waitForJobContainer" . | indent 6 | trim }}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.name" . }}-preload-input
- configMap:
- name: {{ include "common.fullname" . }}-preload
- - name: {{ include "common.name" . }}-preload
- emptyDir:
- medium: Memory
- restartPolicy: OnFailure
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/components/aaf-sms/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/templates/pv.yaml
deleted file mode 100644
index d06131feb5..0000000000
--- a/kubernetes/aaf/components/aaf-sms/templates/pv.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) }}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: {{ include "common.release" . }}
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/aaf/components/aaf-sms/templates/pvc.yaml b/kubernetes/aaf/components/aaf-sms/templates/pvc.yaml
deleted file mode 100644
index c46d50607c..0000000000
--- a/kubernetes/aaf/components/aaf-sms/templates/pvc.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
- storageClassName: {{ include "common.storageClass" . }}
-{{- end -}}
diff --git a/kubernetes/aaf/components/aaf-sms/templates/secret.yaml b/kubernetes/aaf/components/aaf-sms/templates/secret.yaml
deleted file mode 100644
index 7a0213f16c..0000000000
--- a/kubernetes/aaf/components/aaf-sms/templates/secret.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/*
-# Copyright © 2020 Samsung Electronics, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
----
-{{- if .Values.global.aafEnabled }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-int-certs
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-sms/templates/service.yaml b/kubernetes/aaf/components/aaf-sms/templates/service.yaml
deleted file mode 100644
index 8f30164fec..0000000000
--- a/kubernetes/aaf/components/aaf-sms/templates/service.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - name: {{ .Values.service.PortName }}
- {{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }}
- {{- else -}}
- port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- {{- end}}
- protocol: TCP
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/aaf/components/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml
deleted file mode 100644
index 114ad23672..0000000000
--- a/kubernetes/aaf/components/aaf-sms/values.yaml
+++ /dev/null
@@ -1,283 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
- aafEnabled: true
-
-flavor: small
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- nameOverride: aaf-sms-cert-init
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: aaf-sms
- fqi: aaf-sms@aaf-sms.onap.org
- public_fqdn: aaf-sms.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- mountPath: /opt/app/osaaf
- keystore: truststoreONAPall.jks
- keystore_pass: changeit
- root_ca_alias: onaptestca
- root_ca_name: aaf_root_ca.cer
- permission_user: 1000
- permission_group: 1000
- aaf_add_config: >
- cd {{ .Values.mountPath }}/local;
- keytool -exportcert -rfc -file {{ .Values.root_ca_name }} -keystore {{ .Values.keystore }}
- -alias {{ .Values.root_ca_alias }} -storepass {{ .Values.keystore_pass }};
- chown -R {{.Values.permission_user}}:{{.Values.permission_group}}
- {{ .Values.mountPath }};
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/aaf/sms:4.0.2
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-config:
- smsdbaddress: "http://aaf-sms-db:8200"
- cafile: "/opt/app/osaaf/local/aaf_root_ca.cer"
- servercert: "/opt/app/osaaf/local/org.onap.aaf-sms.crt"
- serverkey: "/opt/app/osaaf/local/org.onap.aaf-sms.key"
- password: "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA=="
-
-# subchart configuration
-vault:
- nameOverride: smsdb
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 30
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 30
-
-service:
- type: ClusterIP
- name: aaf-sms
- portName: aaf-sms
- internalPort: 10443
- externalPort: 10443
-
-#define value for aaf-sms-quorumclient subchart
-aaf-sms-quorumclient:
- service:
- name: aaf-sms
-
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 1Gi
- mountPath: /dockerdata-nfs
- mountSubPath: sms/auth
-
-ingress:
- enabled: false
-
-cps:
- enabled: true
-
-secrets:
- - uid: aai-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.aaiUsername }}'
- password: '{{ .Values.oofCreds.aaiPassword }}'
- passwordPolicy: required
- - uid: conductor-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.conductorUsername }}'
- password: '{{ .Values.oofCreds.conductorPassword }}'
- passwordPolicy: required
- - uid: sdnc-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.sdncUsername }}'
- password: '{{ .Values.oofCreds.sdncPassword }}'
- passwordPolicy: required
- - uid: music-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.musicUsername }}'
- password: '{{ .Values.oofCreds.musicPassword }}'
- passwordPolicy: required
- - uid: aaf-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.aafUsername }}'
- password: '{{ .Values.oofCreds.aafPassword }}'
- passwordPolicy: required
- - uid: policy-plat-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.policyPlatUsername }}'
- password: '{{ .Values.oofCreds.policyPlatPassword }}'
- passwordPolicy: required
- - uid: policy-cli-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.policyCliUsername }}'
- password: '{{ .Values.oofCreds.policyCliPassword }}'
- passwordPolicy: required
- - uid: osdf-placement-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.osdfPlacementUsername }}'
- password: '{{ .Values.oofCreds.osdfPlacementPassword }}'
- passwordPolicy: required
- - uid: osdf-placement-so-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.osdfPlacementSOUsername }}'
- password: '{{ .Values.oofCreds.osdfPlacementSOPassword }}'
- passwordPolicy: required
- - uid: osdf-placement-vfc-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.osdfPlacementVFCUsername }}'
- password: '{{ .Values.oofCreds.osdfPlacementVFCPassword }}'
- passwordPolicy: required
- - uid: osdf-cm-scheduler-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.osdfCMSchedulerUsername }}'
- password: '{{ .Values.oofCreds.osdfCMSchedulerPassword }}'
- passwordPolicy: required
- - uid: config-db-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.configDbUsername }}'
- password: '{{ .Values.oofCreds.configDbPassword }}'
- passwordPolicy: required
- - uid: osdf-pci-opt-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.osdfPCIOptUsername }}'
- password: '{{ .Values.oofCreds.osdfPCIOptPassword }}'
- passwordPolicy: required
- - uid: osdf-opt-engine-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.osdfOptEngineUsername }}'
- password: '{{ .Values.oofCreds.osdfOptEnginePassword }}'
- passwordPolicy: required
- - uid: so-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.soUsername }}'
- password: '{{ .Values.oofCreds.soPassword }}'
- passwordPolicy: required
- - uid: sdc-creds
- type: basicAuth
- login: '{{ .Values.oofCreds.sdcUsername }}'
- password: '{{ .Values.oofCreds.sdcPassword }}'
- passwordPolicy: required
- - uid: cps-creds
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.oofCreds.cpsUserExternalSecret) . }}'
- login: '{{ .Values.oofCreds.cpsUsername }}'
- password: '{{ .Values.oofCreds.cpsPassword }}'
- passwordPolicy: required
-oofCreds:
- aaiUsername: oof@oof.onap.org
- aaiPassword: demo123456!
-
- conductorUsername: admin1
- conductorPassword: plan.15
-
- sdncUsername: admin
- sdncPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
- musicUsername: conductor
- musicPassword: c0nduct0r
-
- aafUsername: aaf_admin@people.osaaf.org
- aafPassword: demo123456!
-
- policyPlatUsername: healthcheck
- policyPlatPassword: zb!XztG34
-
- policyCliUsername: healthcheck
- policyCliPassword: zb!XztG34
-
- osdfPlacementUsername: test
- osdfPlacementPassword: testpwd
-
- osdfPlacementSOUsername: so_test
- osdfPlacementSOPassword: so_testpwd
-
- osdfPlacementVFCUsername: vfc_test
- osdfPlacementVFCPassword: vfc_testpwd
-
- osdfCMSchedulerUsername: test1
- osdfCMSchedulerPassword: testpwd1
-
- configDbUsername: osdf
- configDbPassword: passwd
-
- osdfPCIOptUsername: pci_test
- osdfPCIOptPassword: pci_testpwd
-
- osdfOptEngineUsername: opt_test
- osdfOptEnginePassword: opt_testpwd
-
- soUsername: apihBpmn
- soPassword: password1$
-
- sdcUsername: aai
- sdcPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
- cpsUsername: ''
- cpsPassword: ''
- cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds'
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 100m
- memory: 400Mi
- requests:
- cpu: 25m
- memory: 10Mi
- large:
- limits:
- cpu: 400m
- memory: 1Gi
- requests:
- cpu: 25m
- memory: 100Mi
- unlimited: {}
-
-wait_for_job_container:
- containers:
- - '{{ include "common.name" . }}-preload'
-
diff --git a/kubernetes/aaf/components/aaf-sshsm/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml
deleted file mode 100644
index b30fd76d90..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/Chart.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Hardware Security Components
-name: aaf-sshsm
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: aaf-sshsm-abrmd
- version: ~12.x-0
- repository: 'file://components/aaf-sshsm-abrmd'
- condition: aaf-sshsm-abrmd.enabled
- - name: aaf-sshsm-distcenter
- version: ~12.x-0
- repository: 'file://components/aaf-sshsm-distcenter'
- condition: aaf-sshsm-distcenter.enabled
- - name: aaf-sshsm-testca
- version: ~12.x-0
- repository: 'file://components/aaf-sshsm-testca'
- condition: aaf-sshsm-testca.testca.enabled
diff --git a/kubernetes/aaf/components/aaf-sshsm/Makefile b/kubernetes/aaf/components/aaf-sshsm/Makefile
deleted file mode 100644
index ef273d0e9b..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts docker
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/aaf/components/aaf-sshsm/README.md b/kubernetes/aaf/components/aaf-sshsm/README.md
deleted file mode 100644
index a6f2e62cb9..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/README.md
+++ /dev/null
@@ -1,24 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Helm Chart for ONAP Hardware Security Components
-
-This includes the following Kubernetes services:
-
-1. dist-center - A service that is used to create and distribute private keys
-2. abrmd - A service that manages access to the TPM device
-
-# Service Dependencies
-
-All services depend on AAF \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/Makefile b/kubernetes/aaf/components/aaf-sshsm/components/Makefile
deleted file mode 100644
index 79ba2fb47e..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml
deleted file mode 100644
index e6d6d6653d..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Trusted Platform Module Resource Manager
-name: aaf-sshsm-abrmd
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/configmap.yaml
deleted file mode 100644
index 8555a3c153..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/configmap.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if .Values.global.tpm.enabled -}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
-
-{{- end -}}
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/deployment.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/deployment.yaml
deleted file mode 100644
index a2df4e53b9..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/deployment.yaml
+++ /dev/null
@@ -1,89 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if .Values.global.tpm.enabled -}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- selector: {{- include "common.selectors" . | nindent 4 }}
- replicas: {{ .Values.replicaCount }}
- serviceName:
- template:
- metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- spec:
- initContainers:
- - image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.fullname" . }}-init"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
- containers:
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- name: {{ include "common.name" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/abrmd/bin/run_abrmd.sh"]
- workingDir: /abrmd/bin
- securityContext:
- privileged: true
- volumeMounts:
- - name: {{ include "common.fullname" . }}-dbus
- mountPath: /var/run/dbus
- - name: {{ include "common.fullname" . }}-tpm-device
- mountPath: /dev/tpm0
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- resources: {{ include "common.resources" . | nindent 10 }}
- nodeSelector:
- {{- if .Values.nodeSelector }}
- {{ toYaml .Values.nodeSelector | indent 8 | trim }}
- {{- end }}
- {{- if .Values.global.tpm.enabled }}
- {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }}
- {{- end }}
- {{- if .Values.affinity }}
- affinity: {{ toYaml .Values.affinity | nindent 8 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-dbus
- persistentVolumeClaim:
- claimName: {{ include "common.release" . }}-aaf-sshsm-dbus
- - name: {{ include "common.fullname" . }}-tpm-device
- hostPath:
- path: /dev/tpm0
-
-{{- end -}}
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/job.yaml
deleted file mode 100644
index 8a8b6bd8fe..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/job.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if .Values.global.tpm.enabled -}}
-
-apiVersion: batch/v1
-kind: Job
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- backoffLimit: 2
- template:
- metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- spec:
- restartPolicy: Never
- containers:
- - name: {{ include "common.name" . }}-job
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/abrmd/bin/initialize_tpm.sh"]
- workingDir: /abrmd/bin
- securityContext:
- privileged: true
- env:
- - name: TPM_NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: ABRMD_DATA
- value: /abrmd/data
- volumeMounts:
- - name: {{ include "common.fullname" . }}-data
- mountPath: /abrmd/data
- - name: {{ include "common.fullname" . }}-tpm-device
- mountPath: /dev/tpm0
- - name: {{ include "common.fullname" . }}-tpmconfig
- mountPath: "/abrmd/cred/"
- readOnly: true
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
- {{- if .Values.global.tpm.enabled }}
- {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }}
- {{- end -}}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity: {{ toYaml .Values.affinity | nindent 8 }}
- {{- end }}
- volumes:
- - name: {{ include "common.fullname" . }}-data
- persistentVolumeClaim:
- claimName: {{ include "common.release" . }}-aaf-sshsm-data
- - name: {{ include "common.fullname" . }}-tpm-device
- hostPath:
- path: /dev/tpm0
- - name: {{ include "common.fullname" . }}-tpmconfig
- secret:
- secretName: {{ include "common.release" . }}-aaf-sshsm
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
-
-{{- end -}}
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/values.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/values.yaml
deleted file mode 100644
index e97519aa3e..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/values.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- tpm:
- enabled: true
- # if enabled, nodeselector will use the below
- # values in the nodeselector section of the pod
- nodeLabel: "tpm-node"
- nodeLabelValue: "true"
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/aaf/abrmd:4.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-# default number of instances
-replicaCount: 1
-
-# TPM specific node selection is done at parent chart aaf-sshsm
-nodeSelector: {}
-
-affinity: {}
-
-ingress:
- enabled: false
-
-# Configure resource requests and limits
-flavor: small
-resources:
- small:
- limits:
- cpu: 20m
- memory: 50Mi
- requests:
- cpu: 10m
- memory: 10Mi
- large:
- limits:
- cpu: 400m
- memory: 1Gi
- requests:
- cpu: 10m
- memory: 100Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml
deleted file mode 100644
index 0d57836d10..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Trusted Platform Module Distribution Center
-name: aaf-sshsm-distcenter
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/configmap.yaml
deleted file mode 100644
index 2e82f5bd26..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/configmap.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/job.yaml
deleted file mode 100644
index f74b5c8f2d..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/job.yaml
+++ /dev/null
@@ -1,101 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: batch/v1
-kind: Job
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- serviceName:
- template:
- metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- spec:
- restartPolicy: Never
- initContainers:
-{{- if .Values.global.tpm.enabled }}
- - image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-aaf-sshsm-abrmd-init"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
-{{ else }}
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-gen-passphrase
- command: ["sh", "-c", "/usr/bin/openssl rand -base64 12 >/distcenter/data/passphrase"]
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: {{ include "common.fullname" . }}-data
- mountPath: /distcenter/data
- resources:
- limits:
- cpu: 1
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
-{{- end }}
- containers:
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- name: {{ include "common.name" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/entrypoint.sh"]
- workingDir: /distcenter
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: {{ include "common.fullname" . }}-data
- mountPath: /distcenter/data
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity: {{ toYaml .Values.affinity | nindent 8 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-data
- persistentVolumeClaim:
- claimName: {{ include "common.release" . }}-aaf-sshsm
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/values.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/values.yaml
deleted file mode 100644
index fb42843cb7..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/values.yaml
+++ /dev/null
@@ -1,70 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- persistence: {}
- tpm:
- enabled: true
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/aaf/distcenter:4.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 10Mi
- mountPath: /dockerdata-nfs
- mountSubPath: sshsm/distcenter/data
-
-ingress:
- enabled: false
-
-# Configure resource requests and limits
-flavor: small
-resources:
- small:
- limits:
- cpu: 20m
- memory: 50Mi
- requests:
- cpu: 10m
- memory: 10Mi
- large:
- limits:
- cpu: 400m
- memory: 1Gi
- requests:
- cpu: 10m
- memory: 100Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml
deleted file mode 100644
index ec513a0748..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Trusted Platform Module Test CA Service
-name: aaf-sshsm-testca
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/templates/job.yaml
deleted file mode 100644
index 71e7c299bc..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/templates/job.yaml
+++ /dev/null
@@ -1,126 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: batch/v1
-kind: Job
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- template:
- metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- spec:
- restartPolicy: Never
- initContainers:
- - image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-distcenter-ready
- command:
- - /app/ready.py
- args:
- - -j
- - "{{ include "common.release" . }}-aaf-sshsm-distcenter"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
-{{- if .Values.global.tpm.enabled }}
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-abrmd-ready
- command: ["sh", "/sshsm/bin/abrmd_ready.sh", "300"]
- workingDir: /testca/bin
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- volumeMounts:
- - name: {{ include "common.fullname" . }}-dbus
- mountPath: /var/run/dbus
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
-{{- end }}
- containers:
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- name: {{ include "common.name" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["./import.sh"]
- workingDir: /testca/bin
- env:
-{{- if .Values.global.tpm.enabled }}
- - name: TPM_NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: DATA_FOLDER
- value: /testca/data/host_$(TPM_NODE_NAME)
-{{ else }}
- - name: DATA_FOLDER
- value: /testca/data
-{{- end }}
- - name: SECRETS_FOLDER
- value: /testca/secrets
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: {{ include "common.fullname" . }}-data
- mountPath: /testca/data
- - name: {{ include "common.fullname" . }}-dbus
- mountPath: /var/run/dbus
- - name: {{ include "common.fullname" . }}-secrets
- mountPath: /testca/secrets
- readOnly: true
- resources: {{ include "common.resources" . | nindent 10 }}
- nodeSelector:
- {{- if .Values.nodeSelector }}
- {{ toYaml .Values.nodeSelector | indent 8 | trim }}
- {{- end -}}
- {{- if .Values.global.tpm.enabled }}
- {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity: {{ toYaml .Values.affinity | nindent 8 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-data
- persistentVolumeClaim:
- claimName: {{ include "common.release" . }}-aaf-sshsm
- - name: {{ include "common.fullname" . }}-dbus
- persistentVolumeClaim:
- claimName: {{ include "common.release" . }}-aaf-sshsm-dbus
- - name: {{ include "common.fullname" . }}-secrets
- secret:
- secretName: {{ include "common.release" . }}-aaf-sshsm
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/values.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/values.yaml
deleted file mode 100644
index f116c6d5e9..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/values.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-
-global:
- tpm:
- enabled: true
- # if enabled, nodeselector will use the below
- # values in the nodeselector section of the pod
- nodeLabel: "tpm-node"
- nodeLabelValue: "true"
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/aaf/testcaservice:4.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-ingress:
- enabled: false
-
-# Configure resource requests and limits
-flavor: small
-resources:
- small:
- limits:
- cpu: 50m
- memory: 100Mi
- requests:
- cpu: 10m
- memory: 10Mi
- large:
- limits:
- cpu: 400m
- memory: 1Gi
- requests:
- cpu: 10m
- memory: 100Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd b/kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd
deleted file mode 100644
index 640b325898..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd
+++ /dev/null
@@ -1 +0,0 @@
-cHJpbWFyeXBhc3N3b3JkCg==
diff --git a/kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle b/kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle
deleted file mode 100644
index b8b9d8ddb0..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle
+++ /dev/null
@@ -1 +0,0 @@
-MHg4MTAwMDAyMwo=
diff --git a/kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml
deleted file mode 100644
index b566b11458..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.PV" (dict "dot" . "persistenceInfos" .Values.persistence.data) }}
diff --git a/kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml
deleted file mode 100644
index b3e7f9fabd..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.PV" (dict "dot" . "suffix" "dbus" "persistenceInfos" .Values.persistence.dbus) }}
diff --git a/kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml
deleted file mode 100644
index b8971cc03c..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.PVC" (dict "dot" . "persistenceInfos" .Values.persistence.data) }}
diff --git a/kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml
deleted file mode 100644
index 7297d6f81d..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.PVC" (dict "dot" . "suffix" "dbus" "persistenceInfos" .Values.persistence.dbus) }}
diff --git a/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml
deleted file mode 100644
index 4be63fa18b..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/*").AsSecrets | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-sshsm/values.yaml b/kubernetes/aaf/components/aaf-sshsm/values.yaml
deleted file mode 100644
index 7e8d4f1352..0000000000
--- a/kubernetes/aaf/components/aaf-sshsm/values.yaml
+++ /dev/null
@@ -1,72 +0,0 @@
-# Copyright 2018 Intel Corporation, Inc
-# Modifications © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- # Standard OOM
- pullPolicy: "Always"
-
- tpm:
- enabled: false
- # if enabled, nodeselector will use the below
- # values in the nodeselector section of the pod
- nodeLabel: "tpm-node"
- nodeLabelValue: "true"
- persistence: {}
-
-aaf-sshsm-abrmd:
- enabled: true
-aaf-sshsm-distcenter:
- enabled: true
-aaf-sshsm-testca:
- enabled: true
-
-persistence:
- enabled: true
- data:
- enabled: true
- size: 10Mi
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- mountSubPath: sshsm/data
- dbus:
- enabled: true
- size: 10Mi
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- mountSubPath: sshsm/dbus
-
-
-
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 20m
- memory: 50Mi
- requests:
- cpu: 10m
- memory: 10Mi
- large:
- limits:
- cpu: 400m
- memory: 1Gi
- requests:
- cpu: 10m
- memory: 100Mi
- unlimited: {}
diff --git a/kubernetes/aaf/components/aaf-templates/Chart.yaml b/kubernetes/aaf/components/aaf-templates/Chart.yaml
deleted file mode 100644
index 301f65c9b0..0000000000
--- a/kubernetes/aaf/components/aaf-templates/Chart.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-# Copyright © 2020-2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Application Authorization Framework Templates
-name: aaf-templates
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
deleted file mode 100644
index 1fb7240e11..0000000000
--- a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
+++ /dev/null
@@ -1,84 +0,0 @@
-{*/
-# Copyright © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}
-
-{{- define "aaf.deployment" -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- selector: {{- include "common.selectors" . | nindent 4 }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- {{- if (include "common.onServiceMesh" .) }}
- annotations:
- sidecar.istio.io/inject: "false"
- {{- end }}
- spec: {{ include "aaf.initContainers" . | nindent 6 }}
- containers:
- - name: {{ include "common.name" . }}
- workingDir: /opt/app/aaf
- command: ["bin/{{ .Values.binary }}"]
- image: {{ include "repositoryGenerator.repository" . }}/{{.Values.global.aaf.image}}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports: {{ include "common.containerPorts" . | nindent 10 }}
- volumeMounts:
- - mountPath: "/opt/app/osaaf"
- name: aaf-config-vol
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /opt/app/osaaf/etc/org.osaaf.aaf.log4j.props
- name: aaf-log
- subPath: org.osaaf.aaf.log4j.props
- - mountPath: /opt/app/osaaf/data/
- name: config-identity
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{.Values.liveness.port }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.readiness.port }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity: {{ toYaml .Values.affinity | nindent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: aaf-config-vol
- emptyDir: {}
- - name: aaf-log
- configMap:
- name: {{ include "common.release" . }}-aaf-log
- - name: config-init-identity
- configMap:
- name: {{ include "common.release" . }}-aaf-identity
- - name: config-identity
- emptyDir: {}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
-{{- end -}}
diff --git a/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
deleted file mode 100644
index 755315296d..0000000000
--- a/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
+++ /dev/null
@@ -1,130 +0,0 @@
-{*/
-# Copyright © 2020 AT&T, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}
-
-{{- define "aaf.permissionFixer" -}}
-- name: onboard-identity-and-fix-permission
- command:
- - /bin/sh
- args:
- - -c
- - |
- echo "*** Move files from configmap to emptyDir"
- cp -L /config-input-identity/* /config-identity/
- echo "*** set righ user to the different folders"
- chown -R 1000:1000 /config-identity
- chown -R 1000:1000 /opt/app/aaf
- chown -R 1000:1000 /opt/app/osaaf
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-config-vol
- - mountPath: /config-input-identity
- name: config-init-identity
- - mountPath: /config-identity
- name: config-identity
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
-{{- end -}}
-
-{{- define "aaf.podConfiguration" }}
-- name: {{ include "common.name" . }}-config-container
- image: {{ include "repositoryGenerator.repository" . }}/{{.Values.global.aaf.config.image}}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /bin/bash
- args:
- - -c
- - |
- cd /opt/app/aaf_config
- bin/agent.sh
- volumeMounts:
- - mountPath: "/opt/app/osaaf"
- name: aaf-config-vol
- env:
- - name: aaf_env
- value: "{{ .Values.global.aaf.aaf_env }}"
- - name: cadi_latitude
- value: "{{ .Values.global.aaf.cadi_latitude }}"
- - name: cadi_longitude
- value: "{{ .Values.global.aaf.cadi_longitude }}"
- - name: cadi_x509_issuers
- value: "{{ .Values.global.aaf.cadi_x509_issuers }}"
- - name: aaf_locate_url
- value: "https://aaf-locate.{{ .Release.Namespace}}:8095"
- - name: aaf_locator_container
- value: "oom"
- - name: aaf_release
- value: "{{ .Values.global.aaf.aaf_release }}"
- - name: aaf_locator_container_ns
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: aaf_locator_public_fqdn
- value: "{{.Values.global.aaf.public_fqdn}}"
- - name: aaf_locator_name
- value: "{{.Values.global.aaf.aaf_locator_name}}"
- - name: aaf_locator_name_oom
- value: "{{.Values.global.aaf.aaf_locator_name_oom}}"
- - name: cm_always_ignore_ips
- value: "true"
- - name: CASSANDRA_CLUSTER
- value: "aaf-cass.{{ .Release.Namespace }}"
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
-{{- end -}}
-
-{{- define "aaf.initContainers" -}}
-initContainers:
-{{ include "aaf.permissionFixer" . }}
-{{- if .Values.sequence_order }}
-- name: {{ include "common.name" . }}-aaf-readiness
- command:
- - /app/ready.py
- args:
- {{- range $container := .Values.sequence_order }}
- - --container-name
- - aaf-{{ $container}}
- {{- end }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
-{{- end }}
-{{ include "aaf.podConfiguration" . }}
-{{- end }}
diff --git a/kubernetes/aaf/components/aaf-templates/values.yaml b/kubernetes/aaf/components/aaf-templates/values.yaml
deleted file mode 100644
index 73efdc6132..0000000000
--- a/kubernetes/aaf/components/aaf-templates/values.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-# Copyright © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
diff --git a/kubernetes/aaf/resources/data/identities.dat b/kubernetes/aaf/resources/data/identities.dat
deleted file mode 100644
index 4813cc19fc..0000000000
--- a/kubernetes/aaf/resources/data/identities.dat
+++ /dev/null
@@ -1,94 +0,0 @@
-{{/*
-#
-# Sample Identities.dat
-# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
-# out-of-the-box tire-kicking, or even for Small companies
-#
-# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
-# batch feeds, as is appropriate for your company.
-#
-# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
-# out AppIDs, choose your own status indicators, or whatever you use.
-# 0 - unique ID
-# 1 - full name
-# 2 - first name
-# 3 - last name
-# 4 - phone
-# 5 - official email
-# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
-# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
-#
-*/}}
-
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@people.osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@people.osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.developer@people.osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@people.osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@people.osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@people.osaaf.com|n|mmanager
-
-# Portal Identities
-portal|ONAP Portal Application|PORTAL|ONAP Application|314-123-1234|portal@people.osaaf.com|a|aaf_admin
-shi|ONAP SHI Portal Identity|shi|Portal Application|314-123-1234|shi@people.osaaf.com|a|aaf_admin
-demo|PORTAL DEMO|demo|PORTAL|DEMO|314-123-1234|demo@people.osaaf.com|e|aaf_admin
-jh0003|PORTAL ADMIN|jh|PORTAL ADMIN|314-123-1234|jh0003@people.osaaf.com|e|aaf_admin
-cs0008|PORTAL DESIGNER|cs|PORTAL DESIGNER|314-123-1234|cs0008@people.osaaf.com|e|aaf_admin
-jm0007|PORTAL TESTER|jm|PORTAL TESTER|314-123-1234|jm0007@people.osaaf.com|e|aaf_admin
-op0001|PORTAL OPS|op|PORTAL OPS|314-123-1234|op0001@people.osaaf.com|e|aaf_admin
-gv0001|GV PORTAL|gv|PORTAL|314-123-1234|gv0001@people.osaaf.com|e|aaf_admin
-pm0001|PM PORTAL|pm|PORTAL|314-123-1234|pm0001@people.osaaf.com|e|aaf_admin
-gs0001|GS PORTAL|gs|PORTAL|314-123-1234|gs0001@people.osaaf.com|e|aaf_admin
-ps0001|PS PORTAL|ps|PORTAL|314-123-1234|ps0001@people.osaaf.com|e|aaf_admin
-
-# AAF Defined Users
-aaf_admin|AAF Administrator|Mr AAF|AAF Admin|314-123-1234|aaf_admin@people.osaaf.com|e|mmanager
-deployer|Deployer|Deployer|Depoyer|314-123-1234|deployer@people.osaaf.com|e|aaf_admin
-
-# Requested Users
-portal_admin|Portal Admin|Portal|Admin|314-123-1234|portal_admin@people.osaaf.com|e|mmanager
-
-# ONAP App IDs
-a1p|A1 Policy Mangement|A1P|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin
-aaf|AAF Application|AAF|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin
-aaf-sms|AAF SMS Application|AAF SMS|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin
-clamp|ONAP CLAMP Application|CLAMP|Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-aai|ONAP AAI Application|AAI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-aai-resources|ONAP AAI Resources Application|AAI Resources|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-aai-schema-service|ONAP AAI Schema Service Application|AAI Schema Service|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-aai-traversal|ONAP AAI Traversal Application|AAI Resources|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-appc|ONAP APPC Application|APPC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-appc-cdt|ONAP APPC CDT Application|APPC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-cli|ONAP CLI Application|SDNC-CDS|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-dcae|ONAP DCAE Application|CLAMP|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-oof|ONAP OOF Application|OOF|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-so|ONAP SO Application|SO|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-sdc|ONAP SDC Application|SDC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-sdnc|ONAP SDNC Application|SDNC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-sdnc-cds|ONAP SDNC CDS Application|SDNC-CDS|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-vfc|ONAP VFC Application|VNC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-policy|ONAP Policy Application|POLICY|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-pomba|ONAP Pomba Application|POMBA|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-holmes|ONAP Holmes Application|HOLMES|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-holmes-engine-mgmt|ONAP Holmes Engine Management Application|HOLMES-ENGINE|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-holmes-rule-mgmt|ONAP Holmes Rules Management Application|HOLMES-RULES|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-nbi|ONAP NBI Application|NBI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-msb-eag|ONAP MSB EAG Application|MSB EAG|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-msb-iag|ONAP MSB IAG Application|MSB IAG|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-music|ONAP MUSIC Application|MUSIC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-refrepo|ONAP REFREPO Application|REFREPO|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-uui|ONAP UUI Application|UUI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-# VID Identities
-vid|ONAP VID Application|VID|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-vid1|ONAP VID Application 1|VID 1|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-vid2|ONAP VID Application 2|VID 2|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-# DMAAP Identities
-dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-dmaap-bc-topic-mgr|ONAP DMaap BC Topic Manager|DMaap BC Topic Manager|DMaap BC|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-dmaap-bc-mm-prov|ONAP DMaap BC Provisioning Manager|DMaap BC Provision Manager|DMaap BC|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-dmaap-dr|ONAP DMaap DR|Prov|DMaap DR|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-dmaap-dr-prov|ONAP DMaap DR Prov|Prov|DMaap MR|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-dmaap-dr-node|ONAP DMaap DR Node|Node|DMaap MR|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-#deprecate these in El Alto
-dmaapmr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
-#dmaap.mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
diff --git a/kubernetes/aaf/resources/log/org.osaaf.aaf.log4j.props b/kubernetes/aaf/resources/log/org.osaaf.aaf.log4j.props
deleted file mode 100644
index 4120913d99..0000000000
--- a/kubernetes/aaf/resources/log/org.osaaf.aaf.log4j.props
+++ /dev/null
@@ -1,53 +0,0 @@
-#########
-# ============LICENSE_START====================================================
-# org.onap.aaf
-# ===========================================================================
-# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
-# Copyright (c) 2020 Orange Intellectual Property. All rights reserved.
-# ===========================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END====================================================
-#
-
-log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.INIT.File=${LOG4J_FILENAME_init}
-log4j.appender.INIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.INIT.layout=org.apache.log4j.PatternLayout
-log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.SRVR.File=${LOG4J_FILENAME_service}
-log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd
-log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout
-log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n
-
-log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit}
-log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout
-log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n
-
-# General Apache libraries
-log4j.rootLogger=WARN.SRVR
-log4j.logger.org.apache=WARN,SRVR
-log4j.logger.com.datastax=WARN,SRVR
-log4j.logger.init=INFO,INIT,stdout
-log4j.logger.service=${LOGGING_LEVEL},SRVR,stdout
-log4j.logger.audit=INFO,AUDIT
-# Additional configs, not caugth with Root Logger
-log4j.logger.io.netty=INFO,SRVR
-log4j.logger.org.eclipse=INFO,SRVR \ No newline at end of file
diff --git a/kubernetes/aaf/templates/configmap.yaml b/kubernetes/aaf/templates/configmap.yaml
deleted file mode 100644
index 969046551b..0000000000
--- a/kubernetes/aaf/templates/configmap.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-# Copyright © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-log
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-identity
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/data/*").AsConfig . | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml
deleted file mode 100644
index b014360833..0000000000
--- a/kubernetes/aaf/values.yaml
+++ /dev/null
@@ -1,104 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
-# Modifications Copyright © 2020 Nokia
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-
-global:
- nodePortPrefix: 302
- persistence:
- enabled: true
- # Standard OOM
- pullPolicy: "Always"
-
- cmpv2Enabled: true
- addTestingComponents: false
- aaf:
- readiness: false
- image: onap/aaf/aaf_core:2.1.23
- aaf_env: "DEV"
- public_fqdn: "aaf.osaaf.org"
- aaf_release: "Frankfurt"
- # DUBLIN ONLY - for M4 compatibility with Casablanca
- # aaf_locator_name: "public.%NS.%N"
- # aaf_locator_name_oom: "%NS.%N"
- # EL ALTO and Beyond
- aaf_locator_name: "%NS.%N"
- aaf_locator_name_oom: "%CNS.%NS.%N"
- cadi_latitude: "38.0"
- cadi_longitude: "-72.0"
- cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
-
- config:
- image: onap/aaf/aaf_config:2.1.23
-
- service:
- fqdn: "aaf-service"
- internal_port: 8100
- public_port: 31110
- locate:
- fqdn: "aaf-locate"
- internal_port: 8095
- public_port: 31111
- oauth:
- fqdn: "aaf-oauth"
- internal_port: 8140
- public_port: 31112
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-flavor: small
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 350
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 150
- periodSeconds: 10
-
-ingress:
- enabled: false
- service:
- - baseaddr: "aaf.api"
- name: "aaf-service"
- port: 8100
- config:
- ssl: "none"
-
-persistence: {}
-
-resources: {}
-
-aaf-authz:
- enabled: true
-aaf-sms:
- enabled: true
-aaf-sshsm:
- enabled: false
diff --git a/kubernetes/aai/components/aai-babel/templates/authorizationpolicy.yaml b/kubernetes/aai/components/aai-babel/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/aai/components/aai-babel/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml
index bbc64d2113..718651daa6 100644
--- a/kubernetes/aai/components/aai-babel/values.yaml
+++ b/kubernetes/aai/components/aai-babel/values.yaml
@@ -71,6 +71,13 @@ ingress:
config:
ssl: "redirect"
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: aai-modelloader-read
+ - serviceAccount: istio-ingress
+ namespace: istio-ingress
+
resources:
small:
limits:
diff --git a/kubernetes/aai/components/aai-graphadmin/templates/authorizationpolicy.yaml b/kubernetes/aai/components/aai-graphadmin/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/aai/components/aai-graphadmin/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml
index 3e3d685ad8..253a11c5c8 100644
--- a/kubernetes/aai/components/aai-graphadmin/values.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/values.yaml
@@ -202,6 +202,11 @@ service:
ingress:
enabled: false
+# No inbound communications.
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals: []
+
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
diff --git a/kubernetes/aai/components/aai-resources/templates/authorizationpolicy.yaml b/kubernetes/aai/components/aai-resources/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/aai/components/aai-resources/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index a966776054..613604fe95 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -205,6 +205,12 @@ service:
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: aai-read
+ - serviceAccount: consul-read
+
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
diff --git a/kubernetes/aai/components/aai-schema-service/templates/authorizationpolicy.yaml b/kubernetes/aai/components/aai-schema-service/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/aai/components/aai-schema-service/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml
index 19ee9d491c..88f17861c7 100644
--- a/kubernetes/aai/components/aai-schema-service/values.yaml
+++ b/kubernetes/aai/components/aai-schema-service/values.yaml
@@ -98,6 +98,13 @@ service:
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: aai-graphadmin-read
+ - serviceAccount: aai-resources-read
+ - serviceAccount: aai-traversal-read
+
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
diff --git a/kubernetes/aai/components/aai-sparky-be/templates/authorizationpolicy.yaml b/kubernetes/aai/components/aai-sparky-be/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml
index 8ec45536b8..7fe0a62ace 100644
--- a/kubernetes/aai/components/aai-sparky-be/values.yaml
+++ b/kubernetes/aai/components/aai-sparky-be/values.yaml
@@ -95,6 +95,12 @@ ingress:
config:
ssl: "redirect"
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: istio-ingress
+ namespace: istio-ingress
+
podAnnotations:
sidecar.istio.io/rewriteAppHTTPProbers: "false"
diff --git a/kubernetes/aai/components/aai-traversal/templates/authorizationpolicy.yaml b/kubernetes/aai/components/aai-traversal/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/aai/components/aai-traversal/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 106b44070c..fac033bd90 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -228,6 +228,12 @@ service:
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: aai-read
+ - serviceAccount: consul-read
+
# To make logback capping values configurable
logback:
logToFileEnabled: true
diff --git a/kubernetes/aai/templates/authorizationpolicy.yaml b/kubernetes/aai/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..fa59f52f35
--- /dev/null
+++ b/kubernetes/aai/templates/authorizationpolicy.yaml
@@ -0,0 +1,100 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipals := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipals -}}
+{{- $authorizedPrincipalsMetrics := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsMetrics -}}
+{{- $defaultOperationMethods := list "GET" "POST" "PUT" "PATCH" "DELETE" -}}
+{{- $relName := include "common.release" . -}}
+
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ include "common.fullname" (dict "suffix" "authz" "dot" . )}}
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipals }}
+{{- range $principal := $authorizedPrincipals }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ methods:
+{{- if $principal.allowedOperationMethods }}
+{{- range $method := $principal.allowedOperationMethods }}
+ - {{ $method }}
+{{- end }}
+{{- else }}
+{{- range $method := $defaultOperationMethods }}
+ - {{ $method }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ include "common.fullname" (dict "suffix" "metrics-authz" "dot" . )}}
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}-metrics
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsMetrics }}
+{{- range $principal := $authorizedPrincipalsMetrics }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ methods:
+{{- if $principal.allowedOperationMethods }}
+{{- range $method := $principal.allowedOperationMethods }}
+ - {{ $method }}
+{{- end }}
+{{- else }}
+{{- range $method := $defaultOperationMethods }}
+ - {{ $method }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 58f172387c..c40dbe0d2d 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -41,6 +41,12 @@ global: # global defaults
#Service Name of the cassandra cluster to connect to.
#Override it to aai-cassandra if localCluster is enabled.
+ #in case of using k8ssandra-operator in the common cassandra installation
+ #the service name is:
+ #serviceName: cassandra-dc1-service
+ #in case of local k8ssandra-operator instance it is
+ #serviceName: aai-cassandra-dc1-service
+ #in case the older cassandra installation is used:
serviceName: cassandra
#This should be same as shared cassandra instance or if localCluster is enabled
@@ -350,6 +356,10 @@ cassandra:
persistence:
mountSubPath: aai/cassandra
enabled: true
+ k8ssandraOperator:
+ enabled: false
+ config:
+ clusterName: aai-cassandra
readiness:
initialDelaySeconds: 10
@@ -396,6 +406,34 @@ ingress:
config:
ssl: "redirect"
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipalsMetrics: []
+ authorizedPrincipals:
+ - serviceAccount: aai-graphadmin-read
+ - serviceAccount: aai-modelloader-read
+ - serviceAccount: aai-resources-read
+ - serviceAccount: aai-schema-service-read
+ - serviceAccount: aai-traversal-read
+ - serviceAccount: cds-blueprints-processor-read
+ - serviceAccount: consul-read
+ - serviceAccount: dcae-prh-read
+ - serviceAccount: dcae-slice-analysis-ms-read
+ - serviceAccount: dcae-tcagen2
+ - serviceAccount: nbi-read
+ - serviceAccount: sdnc-read
+ - serviceAccount: so-read
+ - serviceAccount: so-bpmn-infra-read
+ - serviceAccount: so-cnf-adapter-read
+ - serviceAccount: so-nssmf-adapter-read
+ - serviceAccount: so-etsi-nfvo-ns-lcm-read
+ - serviceAccount: so-etsi-sol003-adapter-read
+ - serviceAccount: so-openstack-adapter-read
+ - serviceAccount: so-sdc-controller-read
+ - serviceAccount: so-ve-vnfm-adapter
+ - serviceAccount: istio-ingress
+ namespace: istio-ingress
+
resources:
small:
limits:
diff --git a/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml b/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml
index 003707a52b..883f7f8846 100755
--- a/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml
+++ b/kubernetes/cds/components/cds-command-executor/templates/deployment.yaml
@@ -16,24 +16,12 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- command:
@@ -51,7 +39,7 @@ spec:
- name: PROMETHEUS_METRICS_ENABLED
value: {{ .Values.metrics.serviceMonitor.enabled | quote }}
- name: PROMETHEUS_PORT
- value: {{ .Values.service.metrics.internalPort | quote }}
+ value: {{ .Values.metrics.serviceMonitor.internalPort | quote }}
{{ end }}
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
@@ -60,19 +48,18 @@ spec:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.grpc.internalPort }}
+ ports: {{ include "common.containerPorts" . | nindent 12 }}
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.grpc.internalPort }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.grpc.internalPort }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
diff --git a/kubernetes/cds/components/cds-command-executor/templates/service.yaml b/kubernetes/cds/components/cds-command-executor/templates/service.yaml
index 7540728ee9..c131358663 100755
--- a/kubernetes/cds/components/cds-command-executor/templates/service.yaml
+++ b/kubernetes/cds/components/cds-command-executor/templates/service.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright (c) 2019 Bell Canada
+# Copyright (C) 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,34 +14,4 @@
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.grpc.externalPort }}
- targetPort: {{ .Values.service.grpc.internalPort }}
- {{- if eq .Values.service.type "NodePort"}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- {{- end}}
- name: {{ .Values.service.grpc.portName | default "grpc" }}
- {{- if .Values.metrics.serviceMonitor.enabled }}
- - port: {{ .Values.service.metrics.externalPort }}
- targetPort: {{ .Values.service.metrics.internalPort }}
- {{- if eq .Values.service.type "NodePort"}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- {{- end}}
- name: {{ .Values.service.metrics.portName | default "metrics" }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }} \ No newline at end of file
+{{ include "common.service" . }}
diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml
index 9b8e864bfb..168978c017 100755
--- a/kubernetes/cds/components/cds-command-executor/values.yaml
+++ b/kubernetes/cds/components/cds-command-executor/values.yaml
@@ -62,14 +62,13 @@ readiness:
service:
type: ClusterIP
- grpc:
- portName: grpc
- internalPort: 50051
- externalPort: 50051
- metrics:
- portName: tcp-metrics
- internalPort: 10005
- externalPort: 10005
+ name: cds-command-executor
+ internalPort: 50051
+ ports:
+ - name: grpc
+ port: 50051
+ - name: &metricsPortname tcp-metrics
+ port: &metricsPort 10005
persistence:
enabled: false
@@ -105,7 +104,8 @@ serviceAccount:
metrics:
serviceMonitor:
enabled: false
- port: tcp-metrics
+ port: *metricsPortname
+ internalPort: *metricsPort
path: /actuator/prometheus
basicAuth:
enabled: false
diff --git a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml
index 6ee2201e57..fe4edc7779 100644
--- a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml
@@ -1,6 +1,6 @@
listenerservice:
config:
- sdcAddress: sdc-be.{{include "common.namespace" .}}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }} #SDC-BE
+ sdcAddress: sdc-be.{{include "common.namespace" .}}:8080 #SDC-BE
messageBusAddress: message-router.{{include "common.namespace" .}} #Message-Router
user: cds #SDC-username
password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U #SDC-password
@@ -13,7 +13,7 @@ listenerservice:
keyStorePassword:
keyStorePath:
activateServerTLSAuth : false
- isUseHttpsWithSDC: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
+ isUseHttpsWithSDC: false
archivePath: /opt/app/onap/sdc-listener/
grpcAddress: cds-blueprints-processor-grpc
grpcPort: 9111
diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml
index 4d01b4bcfb..c0302d11d3 100644
--- a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml
@@ -16,24 +16,12 @@
*/}}
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- command:
@@ -64,21 +52,19 @@ spec:
secretKeyRef:
name: {{ include "common.name" . }}-ku
key: sasl.jaas.config
- ports:
- - containerPort: {{ .Values.service.http.internalPort }}
- name: {{ .Values.service.http.portName }}
+ ports: {{- include "common.containerPorts" . | nindent 12 }}
{{ if .Values.liveness.enabled }}
livenessProbe:
httpGet:
path: /api/v1/sdclistener/healthcheck
- port: {{ .Values.service.http.portName }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{end}}
readinessProbe:
httpGet:
path: /api/v1/sdclistener/healthcheck
- port: {{ .Values.service.http.portName }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml
index 42bd2b33e9..e62653fff2 100644
--- a/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright (c) 2019 Bell Canada
+# Copyright (c) 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,25 +13,5 @@
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.http.externalPort }}
- targetPort: {{ .Values.service.http.internalPort }}
- {{- if eq .Values.service.type "NodePort"}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- {{- end}}
- name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+
+{{ include "common.service" . }} \ No newline at end of file
diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml
index 8108d5f970..a3a0dc9e6f 100644
--- a/kubernetes/cds/components/cds-sdc-listener/values.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml
@@ -71,10 +71,11 @@ readiness:
service:
type: ClusterIP
- http:
- portName: http
- internalPort: 8080
- externalPort: 8080
+ name: cds-sdc-listener
+ internalPort: 8080
+ ports:
+ - name: http
+ port: 8080
persistence:
enabled: true
diff --git a/kubernetes/cds/components/cds-ui/Chart.yaml b/kubernetes/cds/components/cds-ui/Chart.yaml
index 2bf7c584e0..d4c379910d 100644
--- a/kubernetes/cds/components/cds-ui/Chart.yaml
+++ b/kubernetes/cds/components/cds-ui/Chart.yaml
@@ -23,9 +23,6 @@ dependencies:
- name: common
version: ~12.x-0
repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- name: repositoryGenerator
version: ~12.x-0
repository: '@local'
diff --git a/kubernetes/cds/components/cds-ui/templates/deployment.yaml b/kubernetes/cds/components/cds-ui/templates/deployment.yaml
index 637347bfc1..6887e6710e 100644
--- a/kubernetes/cds/components/cds-ui/templates/deployment.yaml
+++ b/kubernetes/cds/components/cds-ui/templates/deployment.yaml
@@ -17,35 +17,18 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- name: {{ include "common.fullname" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
- {{- if .Values.global.aafEnabled }}
- initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- {{- end }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
+ ports: {{- include "common.containerPorts" . | nindent 12 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
@@ -74,18 +57,12 @@ spec:
value: "{{ .Values.config.api.processor.grpc.port }}"
- name: API_BLUEPRINT_PROCESSOR_GRPC_AUTH_TOKEN
value: {{ .Values.config.api.processor.grpc.authToken }}
- {{- if .Values.global.aafEnabled }}
- - name: KEYSTORE
- value: "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12"
- - name: PASSPHRASE
- value: "{{ .Values.certInitializer.credsPath }}/mycreds.prop"
- {{- end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 12 }}
+ volumeMounts:
- mountPath: /etc/localtime
name: localtime
readOnly: true
@@ -99,7 +76,7 @@ spec:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
+ volumes:
- name: localtime
hostPath:
path: /etc/localtime
diff --git a/kubernetes/cds/components/cds-ui/templates/service.yaml b/kubernetes/cds/components/cds-ui/templates/service.yaml
index bfc3e30c84..e62653fff2 100644
--- a/kubernetes/cds/components/cds-ui/templates/service.yaml
+++ b/kubernetes/cds/components/cds-ui/templates/service.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2017 Amdocs, Bell Canada, Orange
+# Copyright (c) 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,28 +14,4 @@
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}-{{ .Values.service.internalPort }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+{{ include "common.service" . }} \ No newline at end of file
diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml
index ab0bafea5f..21b8d2d5ed 100644
--- a/kubernetes/cds/components/cds-ui/values.yaml
+++ b/kubernetes/cds/components/cds-ui/values.yaml
@@ -22,27 +22,6 @@ global:
subChartsOnly:
enabled: true
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- nameOverride: cds-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: sdnc-cds
- fqi: sdnc-cds@sdnc-cds.onap.org
- public_fqdn: sdnc-cds.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- fqi_namespace: org.onap.sdnc-cds
- aaf_add_config: >
- /opt/app/aaf_config/bin/agent.sh;
- /opt/app/aaf_config/bin/agent.sh local showpass
- {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
-
# application image
image: onap/ccsdk-cds-ui-server:1.4.2
pullPolicy: Always
@@ -94,10 +73,12 @@ readiness:
service:
type: NodePort
- portName: http-cds-ui
name: cds-ui
- nodePort: 97
internalPort: 3000
+ ports:
+ - name: http
+ port: 3000
+ nodePort: 97
ingress:
enabled: false
diff --git a/kubernetes/common/cassandra/templates/backup/configmap.yaml b/kubernetes/common/cassandra/templates/backup/configmap.yaml
index 9bbc69ba04..b566b6107e 100644
--- a/kubernetes/common/cassandra/templates/backup/configmap.yaml
+++ b/kubernetes/common/cassandra/templates/backup/configmap.yaml
@@ -13,6 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
+{{- if not .Values.k8ssandraOperator.enabled }}
{{- if .Values.backup.enabled }}
apiVersion: v1
kind: ConfigMap
@@ -28,3 +29,4 @@ data:
{{ tpl (.Files.Glob "resources/restore.sh").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/exec.py").AsConfig . | indent 2 }}
{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml
index 27f3cc690d..e2f675a384 100644
--- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml
+++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml
@@ -14,6 +14,8 @@
# limitations under the License.
*/}}
{{- if .Values.backup.enabled }}
+{{- if .Values.k8ssandraOperator.enabled }}
+{{ else }}
apiVersion: batch/v1beta1
kind: CronJob
metadata:
@@ -243,3 +245,4 @@ spec:
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-backup-data
{{- end -}}
+{{- end -}} \ No newline at end of file
diff --git a/kubernetes/common/cassandra/templates/backup/pv.yaml b/kubernetes/common/cassandra/templates/backup/pv.yaml
index 10c310077b..23e4551c10 100644
--- a/kubernetes/common/cassandra/templates/backup/pv.yaml
+++ b/kubernetes/common/cassandra/templates/backup/pv.yaml
@@ -14,6 +14,8 @@
# limitations under the License.
*/}}
{{- if .Values.backup.enabled }}
+{{- if .Values.k8ssandraOperator.enabled }}
+{{ else }}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
{{- if eq "True" (include "common.needPV" .) -}}
---
@@ -39,3 +41,4 @@ spec:
{{- end -}}
{{- end -}}
{{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/cassandra/templates/backup/pvc.yaml b/kubernetes/common/cassandra/templates/backup/pvc.yaml
index 6fd53618bc..e60a1db510 100644
--- a/kubernetes/common/cassandra/templates/backup/pvc.yaml
+++ b/kubernetes/common/cassandra/templates/backup/pvc.yaml
@@ -14,6 +14,8 @@
# limitations under the License.
*/}}
{{- if .Values.backup.enabled }}
+{{- if .Values.k8ssandraOperator.enabled }}
+{{ else }}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
---
kind: PersistentVolumeClaim
@@ -39,3 +41,4 @@ spec:
storageClassName: {{ include "common.storageClass" . }}
{{- end -}}
{{- end -}}
+{{- end -}}
diff --git a/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml b/kubernetes/common/cassandra/templates/cassOp.yaml
index 656aa1746d..cb6ce4adc5 100644
--- a/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml
+++ b/kubernetes/common/cassandra/templates/cassOp.yaml
@@ -1,6 +1,5 @@
{{/*
-# Copyright © 2017 Amdocs
-# Modifications © 2020 Orange
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,4 +14,6 @@
# limitations under the License.
*/}}
-{{ include "aaf.deployment" . }}
+{{- if .Values.k8ssandraOperator.enabled }}
+{{ include "common.k8ssandraCluster" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/common/cassandra/templates/configmap.yaml b/kubernetes/common/cassandra/templates/configmap.yaml
index ab08c82fef..8f2b39e1a1 100644
--- a/kubernetes/common/cassandra/templates/configmap.yaml
+++ b/kubernetes/common/cassandra/templates/configmap.yaml
@@ -1,3 +1,4 @@
+{{- if not .Values.k8ssandraOperator.enabled }}
{{- if .Values.configOverrides }}
apiVersion: v1
kind: ConfigMap
@@ -25,3 +26,4 @@ metadata:
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/docker-entrypoint.sh").AsConfig . | indent 2 }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pv.yaml b/kubernetes/common/cassandra/templates/ingress.yaml
index 22acb2a609..97d6155a09 100644
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pv.yaml
+++ b/kubernetes/common/cassandra/templates/ingress.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright 2018 Intel Corporation, Inc
+# Copyright (C) 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,4 +14,4 @@
# limitations under the License.
*/}}
-{{ include "common.PV" . }}
+{{ include "common.ingress" . }}
diff --git a/kubernetes/common/cassandra/templates/pv.yaml b/kubernetes/common/cassandra/templates/pv.yaml
index a0d998cd07..8e2ad663c3 100644
--- a/kubernetes/common/cassandra/templates/pv.yaml
+++ b/kubernetes/common/cassandra/templates/pv.yaml
@@ -13,5 +13,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
+{{- if not .Values.k8ssandraOperator.enabled }}
{{ include "common.replicaPV" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/portal/templates/secrets.yaml b/kubernetes/common/cassandra/templates/secrets.yaml
index 34932b713d..b776caf6b6 100644
--- a/kubernetes/portal/templates/secrets.yaml
+++ b/kubernetes/common/cassandra/templates/secrets.yaml
@@ -1,5 +1,7 @@
{{/*
-# Copyright © 2020 Samsung Electronics
+# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Samsung Electronics
+# Copyright © 2019-2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,4 +16,6 @@
# limitations under the License.
*/}}
+{{- if .Values.k8ssandraOperator.enabled }}
{{ include "common.secretFast" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/common/cassandra/templates/service.yaml b/kubernetes/common/cassandra/templates/service.yaml
index 8934d41c33..092c677812 100644
--- a/kubernetes/common/cassandra/templates/service.yaml
+++ b/kubernetes/common/cassandra/templates/service.yaml
@@ -14,4 +14,6 @@
# limitations under the License.
*/}}
+{{- if not .Values.k8ssandraOperator.enabled }}
{{ include "common.headlessService" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/common/cassandra/templates/servicemonitor.yaml b/kubernetes/common/cassandra/templates/servicemonitor.yaml
index 5297e692d2..759586fcdb 100644
--- a/kubernetes/common/cassandra/templates/servicemonitor.yaml
+++ b/kubernetes/common/cassandra/templates/servicemonitor.yaml
@@ -14,6 +14,8 @@
# limitations under the License.
*/}}
+{{- if not .Values.k8ssandraOperator.enabled }}
{{- if .Values.metrics.serviceMonitor.enabled }}
{{ include "common.serviceMonitor" . }}
+{{- end }}
{{- end }} \ No newline at end of file
diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml
index 43367ee542..2e73309bb7 100644
--- a/kubernetes/common/cassandra/templates/statefulset.yaml
+++ b/kubernetes/common/cassandra/templates/statefulset.yaml
@@ -14,6 +14,7 @@
# limitations under the License.
*/}}
+{{- if not .Values.k8ssandraOperator.enabled }}
apiVersion: apps/v1
kind: StatefulSet
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
@@ -214,3 +215,4 @@ spec:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml
index 43ff171abb..13137a182b 100644
--- a/kubernetes/common/cassandra/values.yaml
+++ b/kubernetes/common/cassandra/values.yaml
@@ -22,6 +22,53 @@ global: # global defaults
backup:
mountPath: /dockerdata-nfs/backup
+k8ssandraOperator:
+ enabled: false
+ cassandraVersion: 4.0.1
+ persistence:
+ storageClassName: default
+ size: 10Gi
+ config:
+ clusterName: cassandra
+ secretName: &secretName cassandra-default-user
+ superuserName: &superusername cassandra
+ superuserPassword: &superuserpassword cassandra
+ casOptions:
+ authorizer: AllowAllAuthorizer
+ jvmOptions:
+ heapSize: 512M
+ hostNetwork: false
+ datacenters:
+ - name: dc1
+ size: 3
+ stargate:
+ tag: v1.0.76
+ size: 1
+ jvmOptions:
+ heapSize: 384Mi
+
+#################################################################
+# Secrets metaconfig
+# used to store the default superuser for k8ssandra-operator
+#################################################################
+secrets:
+ - uid: *secretName
+ type: genericKV
+ externalSecret: '{{ tpl (default "" .Values.k8ssandraOperator.config.userCredentialsExternalSecret) . }}'
+ envs:
+ - name: username
+ value: *superusername
+ - name: password
+ value: *superuserpassword
+
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "reaper-dc1"
+ path: "/webui"
+ name: "cassandra-dc1-reaper-service"
+ port: 8080
+
# application image
image: cassandra:3.11.4
pullPolicy: Always
@@ -108,9 +155,6 @@ podManagementPolicy: OrderedReady
updateStrategy:
type: RollingUpdate
-ingress:
- enabled: false
-
persistence:
enabled: true
diff --git a/kubernetes/common/common/templates/_cassOp.tpl b/kubernetes/common/common/templates/_cassOp.tpl
new file mode 100644
index 0000000000..f1fc75c5e5
--- /dev/null
+++ b/kubernetes/common/common/templates/_cassOp.tpl
@@ -0,0 +1,51 @@
+{{/* Cassandra Data Center. */}}
+{{- define "common.k8ssandraCluster" -}}
+{{- $global := .Values.global }}
+---
+apiVersion: k8ssandra.io/v1alpha1
+kind: K8ssandraCluster
+metadata:
+ name: {{ .Values.k8ssandraOperator.config.clusterName }}
+spec:
+ reaper:
+ containerImage:
+ registry: {{ include "repositoryGenerator.dockerHubRepository" . }}
+ heapSize: 512Mi
+ autoScheduling:
+ enabled: true
+ stargate:
+ containerImage:
+ registry: {{ include "repositoryGenerator.dockerHubRepository" . }}
+ tag: {{ .Values.k8ssandraOperator.stargate.tag }}
+ size: {{ .Values.k8ssandraOperator.stargate.size }}
+ heapSize: {{ .Values.k8ssandraOperator.stargate.jvmOptions.heapSize }}
+ cassandra:
+ serverVersion: {{ .Values.k8ssandraOperator.cassandraVersion }}
+ storageConfig:
+ cassandraDataVolumeClaimSpec:
+ storageClassName: {{ .Values.k8ssandraOperator.persistence.storageClassName }}
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: {{ .Values.k8ssandraOperator.persistence.size }}
+ superuserSecretRef:
+ name: {{ include "common.fullname" . }}-{{ .Values.k8ssandraOperator.config.secretName }}
+ config:
+ {{ if .Values.k8ssandraOperator.config.casOptions -}}
+ cassandraYaml:
+ {{ toYaml .Values.k8ssandraOperator.config.casOptions | nindent 8 }}
+ {{- end }}
+ {{ if .Values.k8ssandraOperator.config.jvmOptions -}}
+ jvmOptions:
+ {{ toYaml .Values.k8ssandraOperator.config.jvmOptions | nindent 8 }}
+ {{- end }}
+ networking:
+ hostNetwork: {{ .Values.k8ssandraOperator.config.hostNetwork }}
+ datacenters:
+ {{- range $datacenter := .Values.k8ssandraOperator.datacenters }}
+ - metadata:
+ name: {{ $datacenter.name }}
+ size: {{ $datacenter.size }}
+ {{- end }}
+{{ end }}
diff --git a/kubernetes/common/common/templates/_serviceMesh.tpl b/kubernetes/common/common/templates/_serviceMesh.tpl
index a3d269e4f2..de779f8db8 100644
--- a/kubernetes/common/common/templates/_serviceMesh.tpl
+++ b/kubernetes/common/common/templates/_serviceMesh.tpl
@@ -115,7 +115,7 @@ metadata:
spec:
selector:
matchLabels:
- app: {{ include "common.servicename" . }}
+ app: {{ include "common.name" . }}
action: ALLOW
rules:
{{- if $authorizedPrincipals }}
diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl
index e0a0ffdef0..a4eb1107a5 100644
--- a/kubernetes/common/postgres/templates/_deployment.tpl
+++ b/kubernetes/common/postgres/templates/_deployment.tpl
@@ -159,6 +159,49 @@ spec:
name: {{ include "common.fullname" $dot }}-backup
readOnly: true
resources: {{ include "common.resources" $dot | nindent 10 }}
+ {{- if (default false $dot.Values.metrics.enabled) }}
+ - name: {{ include "common.name" $dot }}-metrics
+ image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ $dot.Values.metrics.image }}
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.metrics.pullPolicy | quote}}
+ env:
+ - name: POSTGRES_METRICS_EXTRA_FLAGS
+ value: {{ default "" (join " " $dot.Values.metrics.extraFlags) | quote }}
+ - name: DATA_SOURCE_USER
+ value: "{{ $dot.Values.metrics.postgresUser }}"
+ - name: DATA_SOURCE_PASS
+ {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 12 }}
+ command:
+ - sh
+ - -c
+ - |
+ DATA_SOURCE_URI="127.0.0.1:5432/?sslmode=disable" ./bin/postgres_exporter $POSTGRES_METRICS_EXTRA_FLAGS
+ ports:
+ {{- range $index, $metricPort := $dot.Values.metrics.ports }}
+ - name: {{ $metricPort.name }}
+ containerPort: {{ $metricPort.port }}
+ protocol: TCP
+ {{- end }}
+ livenessProbe:
+ httpGet:
+ path: /metrics
+ port: tcp-metrics
+ initialDelaySeconds: {{ $dot.Values.metrics.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ $dot.Values.metrics.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ $dot.Values.metrics.livenessProbe.timeoutSeconds }}
+ successThreshold: {{ $dot.Values.metrics.livenessProbe.successThreshold }}
+ failureThreshold: {{ $dot.Values.metrics.livenessProbe.failureThreshold }}
+ readinessProbe:
+ httpGet:
+ path: /metrics
+ port: tcp-metrics
+ initialDelaySeconds: {{ $dot.Values.metrics.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ $dot.Values.metrics.readinessProbe.periodSeconds }}
+ timeoutSeconds: {{ $dot.Values.metrics.readinessProbe.timeoutSeconds }}
+ successThreshold: {{ $dot.Values.metrics.readinessProbe.successThreshold }}
+ failureThreshold: {{ $dot.Values.metrics.readinessProbe.failureThreshold }}
+ {{ include "common.containerSecurityContext" $dot | indent 10 | trim }}
+ resources: {{- toYaml $dot.Values.metrics.resources | nindent 12 }}
+ {{ end }}
{{- if $dot.Values.nodeSelector }}
nodeSelector:
{{ toYaml $dot.Values.nodeSelector | indent 10 }}
diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/configmap.yaml b/kubernetes/common/postgres/templates/metrics-svc-primary.yaml
index 471c9094aa..790dd4757b 100644
--- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/configmap.yaml
+++ b/kubernetes/common/postgres/templates/metrics-svc-primary.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright 2018 Intel Corporation, Inc
+# Copyright © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,15 +14,23 @@
# limitations under the License.
*/}}
+{{- if default false .Values.metrics.enabled }}
apiVersion: v1
-kind: ConfigMap
+kind: Service
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ .Values.service.name2 }}-metrics
namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ labels: {{- include "common.labels" . | nindent 4 }}
+ {{- if .Values.metrics.service.annotations }}
+ annotations: {{- include "common.tplValue" (dict "value" .Values.metrics.service.annotations "context" .) | nindent 4 }}
+ {{- end }}
+spec:
+ type: {{ .Values.metrics.service.type2 }}
+ ports:
+ - name: tcp-metrics
+ port: {{ .Values.metrics.service.port2 }}
+ targetPort: tcp-metrics
+ selector:
+ name: {{ .Values.container.name.primary }}
release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} \ No newline at end of file
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/consul/templates/secrets.yaml b/kubernetes/common/postgres/templates/metrics-svc-replica.yaml
index 27cfbf00d0..5aa8d76185 100644
--- a/kubernetes/consul/templates/secrets.yaml
+++ b/kubernetes/common/postgres/templates/metrics-svc-replica.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+# Copyright © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,15 +14,23 @@
# limitations under the License.
*/}}
+{{- if default false .Values.metrics.enabled }}
apiVersion: v1
-kind: Secret
+kind: Service
metadata:
- name: {{ include "common.fullname" . }}-certs-secret
+ name: {{ .Values.service.name3 }}-metrics
namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ labels: {{- include "common.labels" . | nindent 4 }}
+ {{- if .Values.metrics.service.annotations }}
+ annotations: {{- include "common.tplValue" (dict "value" .Values.metrics.service.annotations "context" .) | nindent 4 }}
+ {{- end }}
+spec:
+ type: {{ .Values.metrics.service.type3 }}
+ ports:
+ - name: tcp-metrics
+ port: {{ .Values.metrics.service.port3 }}
+ targetPort: tcp-metrics
+ selector:
+ name: {{ .Values.container.name.replica }}
release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/consul-agent-config/certs/*").AsSecrets . | indent 2 }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-cass/templates/pvc.yaml b/kubernetes/common/postgres/templates/servicemonitor.yaml
index e56c98751c..73faba61d0 100644
--- a/kubernetes/aaf/components/aaf-cass/templates/pvc.yaml
+++ b/kubernetes/common/postgres/templates/servicemonitor.yaml
@@ -1,6 +1,5 @@
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 Orange
+# Copyright © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,4 +14,6 @@
# limitations under the License.
*/}}
-{{ include "common.PVC" . }}
+{{- if .Values.metrics.serviceMonitor.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }}
diff --git a/kubernetes/common/postgres/values.yaml b/kubernetes/common/postgres/values.yaml
index 93f6d66385..51b77593aa 100644
--- a/kubernetes/common/postgres/values.yaml
+++ b/kubernetes/common/postgres/values.yaml
@@ -149,3 +149,101 @@ resources:
cpu: 1
memory: 2Gi
unlimited: {}
+
+metrics:
+ enabled: false
+ ## Bitnami Postgres Prometheus exporter image
+ ## ref: https://hub.docker.com/r/bitnami/postgres-exporter/tags/
+ ##
+ image: bitnami/postgres-exporter:0.11.1
+ pullPolicy: Always
+ ports:
+ - name: tcp-metrics
+ port: 9187
+ ## Postgres exporter additional command line flags
+ ## Can be used to specify command line flags
+ ## E.g.:
+ ## extraFlags:
+ ## - --collect.binlog_size
+ ##
+ extraFlags: []
+ ## Postgres Prometheus exporter containers' resource requests and limits
+ ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ ##
+ resources:
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ limits:
+ cpu: 0.5
+ memory: 256Mi
+ requests:
+ cpu: 0.5
+ memory: 256Mi
+ ## Postgres metrics container's liveness and readiness probes
+ ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
+ ##
+ postgresUser: "postgres"
+ livenessProbe:
+ enabled: true
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 180
+ successThreshold: 1
+ failureThreshold: 3
+ readinessProbe:
+ enabled: true
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 180
+ successThreshold: 1
+ failureThreshold: 3
+ ## Postgres Prometheus exporter service parameters
+ ##
+ service:
+ type2: ClusterIP
+ port2: 9187
+ type3: ClusterIP
+ port3: 9187
+ annotations:
+ prometheus.io/scrape: "true"
+ prometheus.io/port: "9187"
+ serviceMonitor:
+ enabled: false
+ basicAuth:
+ enabled: false
+ ## Namespace in which Prometheus is running
+ ##
+ ## namespace: monitoring
+ ##
+ ## Interval at which metrics should be scraped.
+ ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
+ ##
+ ## interval: 10s
+ ##
+ ## Timeout after which the scrape is ended
+ ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
+ ##
+ ## scrapeTimeout: 10s
+ ## Add your label under which prometheus is discovering resources
+ ## labels:
+ ## release: kube-prometheus-stack
+ ##
+ ## ServiceMonitor selector labels
+ ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
+ ##
+ ## selector:
+ ## monitoring: enabled
+ ##
+ ## RelabelConfigs to apply to samples before scraping
+ ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
+ ## Value is evalued as a template
+ ##
+ relabelings: []
+ ##
+ ## MetricRelabelConfigs to apply to samples before ingestion
+ ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
+ ## Value is evalued as a template
+ ##
+ metricRelabelings: []
diff --git a/kubernetes/consul/.helmignore b/kubernetes/consul/.helmignore
deleted file mode 100644
index 7ddbad7ef4..0000000000
--- a/kubernetes/consul/.helmignore
+++ /dev/null
@@ -1,22 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-components/
diff --git a/kubernetes/consul/Chart.yaml b/kubernetes/consul/Chart.yaml
deleted file mode 100644
index 0000463560..0000000000
--- a/kubernetes/consul/Chart.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Consul Agent
-name: consul
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: consul-server
- version: ~12.x-0
- repository: 'file://components/consul-server'
- condition: consul-server.enabled
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local' \ No newline at end of file
diff --git a/kubernetes/consul/Makefile b/kubernetes/consul/Makefile
deleted file mode 100644
index c483a02eab..0000000000
--- a/kubernetes/consul/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts docker
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/consul/components/Makefile b/kubernetes/consul/components/Makefile
deleted file mode 100644
index fa3c4b9af9..0000000000
--- a/kubernetes/consul/components/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/consul/components/consul-server/Chart.yaml b/kubernetes/consul/components/consul-server/Chart.yaml
deleted file mode 100644
index 8eb28ce1d4..0000000000
--- a/kubernetes/consul/components/consul-server/Chart.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Consul Server
-name: consul-server
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local' \ No newline at end of file
diff --git a/kubernetes/consul/components/consul-server/templates/NOTES.txt b/kubernetes/consul/components/consul-server/templates/NOTES.txt
deleted file mode 100644
index 157fe92427..0000000000
--- a/kubernetes/consul/components/consul-server/templates/NOTES.txt
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/consul/components/consul-server/templates/service.yaml b/kubernetes/consul/components/consul-server/templates/service.yaml
deleted file mode 100644
index c24ddfb7e4..0000000000
--- a/kubernetes/consul/components/consul-server/templates/service.yaml
+++ /dev/null
@@ -1,67 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- clusterIP: None
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}-ui
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type2 }}
- ports:
- {{if eq .Values.service.type2 "NodePort" -}}
- - port: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.portName2 }}
- {{- else -}}
- - port: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName2 }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/consul/components/consul-server/templates/statefulset.yaml b/kubernetes/consul/components/consul-server/templates/statefulset.yaml
deleted file mode 100644
index 8e872b9c87..0000000000
--- a/kubernetes/consul/components/consul-server/templates/statefulset.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- serviceName: {{ include "common.servicename" . }}
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- securityContext:
- runAsUser: {{ .Values.securityContext.runAsUser }}
- runAsGroup: {{ .Values.securityContext.runAsGroup }}
- command: ["/usr/local/bin/docker-entrypoint.sh"]
- args:
- - "agent"
- - "-bootstrap-expect={{ .Values.replicaCount }}"
- - "-enable-script-checks"
-{{- $fullname := include "common.fullname" . -}}
-{{- $servname := include "common.servicename" . -}}
-{{- range $i,$t := until (int .Values.replicaCount)}}
- - "-retry-join={{ $fullname }}-{{$i}}.{{ $servname }}"
-{{- end }}
- - "-client=0.0.0.0"
- - "-server"
- - "-ui"
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- resources: {{ include "common.resources" . | nindent 10 }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
diff --git a/kubernetes/consul/components/consul-server/values.yaml b/kubernetes/consul/components/consul-server/values.yaml
deleted file mode 100644
index d4e649444a..0000000000
--- a/kubernetes/consul/components/consul-server/values.yaml
+++ /dev/null
@@ -1,100 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/oom/consul:2.1.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 3
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 5
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 5
-
-service:
- type: ClusterIP
- name: consul-server
- portName: consul-join
- internalPort: 8301
- type2: ClusterIP
- portName2: consul-ui
- internalPort2: 8500
- nodePort2: 70
-
-ingress:
- enabled: false
-
-#resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
- small:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 30m
- memory: 25Mi
- large:
- limits:
- cpu: 2
- memory: 4Gi
- requests:
- cpu: 1
- memory: 2Gi
- unlimited: {}
-
-securityContext:
- fsGroup: 1000
- runAsUser: 100
- runAsGroup: 1000
-
-#Pods Service Account
-serviceAccount:
- nameOverride: consul-server
- roles:
- - read
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aaf-service-health.json b/kubernetes/consul/resources/config/consul-agent-config/aaf-service-health.json
deleted file mode 100755
index cd715f8b6a..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/aaf-service-health.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "service": {
- "name": "Health Check: Application Authorization Framework",
- "checks": [
- {
- "id": "aaf-service",
- "name": "AAF Service Health Check",
- "http": "https://aaf-service:8100/authz/perms/user/demo@people.osaaf.org",
- "header": {
- "Authorization": ["Basic ZGVtb0BwZW9wbGUub3NhYWYub3JnOmRlbW8xMjM0NTYh"],
- "X-TransactionId": ["ConsulHealthCheck"],
- "X-FromAppId": ["healthcheck"]
- },
- "tls_skip_verify": true,
- "interval": "20s",
- "timeout": "5s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aaf-sms-health.json b/kubernetes/consul/resources/config/consul-agent-config/aaf-sms-health.json
deleted file mode 100644
index 965732da5d..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/aaf-sms-health.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
- "service": {
- "name": "Health Check: Secret Management Service (sms)",
- "check":[
- {
- "id" : "aaf-sms-health",
- "name": "SMS Health Check",
- "http": "https://aaf-sms.{{ .Release.Namespace }}:10443/v1/sms/healthcheck",
- "tls_skip_verify": true,
- "method": "GET",
- "interval": "20s",
- "timeout": "5s"
- }
- ]
- }
-}
-
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aai-data-router-health.json b/kubernetes/consul/resources/config/consul-agent-config/aai-data-router-health.json
deleted file mode 100644
index be41934e77..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/aai-data-router-health.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "service": {
- "name": "A&AI Synapse Data Routing Service",
- "checks": [
- {
- "id": "data-router-process",
- "name": "Synapse Presence",
- "script": "/consul/scripts/data-router-script.sh",
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aai-model-loader-health.json b/kubernetes/consul/resources/config/consul-agent-config/aai-model-loader-health.json
deleted file mode 100644
index 044a844e35..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/aai-model-loader-health.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "service": {
- "name": "A&AI Model Loader",
- "checks": [
- {
- "id": "model-loader-process",
- "name": "Model Loader Presence",
- "script": "/consul/scripts/model-loader-script.sh",
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aai-search-data-service-health.json b/kubernetes/consul/resources/config/consul-agent-config/aai-search-data-service-health.json
deleted file mode 100644
index 0817a19cf0..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/aai-search-data-service-health.json
+++ /dev/null
@@ -1,33 +0,0 @@
-{
- "service": {
- "name": "A&AI Search Data Service",
- "checks": [
- {
- "id": "elasticsearch",
- "name": "Search Data Service Document Store",
- "http": "http://aai-elasticsearch:9200/_cat/indices?v",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "elasticsearch-write-health",
- "name": "Search Data Service Document Store Write Test",
- "script": "/consul/scripts/aai-search-storage-write-script.sh",
- "interval": "60s"
- },
- {
- "id": "search-data-service-availability",
- "name": "Search Data Service Availability",
- "script": "curl -k --cert /consul/certs/client-cert-onap.crt.pem --cert-type PEM --key /consul/certs/client-cert-onap.key.pem --key-type PEM https://search-data-service:9509/services/search-data-service/v1/jaxrsExample/jaxrs-services/echo/up 2>&1 | grep 'Up'",
- "interval": "15s"
- },
- {
- "id": "search-data-service-api",
- "name": "Search Data Service Operational Test",
- "script": "/consul/scripts/search-data-service-availability.sh",
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aai-services-health.json b/kubernetes/consul/resources/config/consul-agent-config/aai-services-health.json
deleted file mode 100644
index 99acff4e61..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/aai-services-health.json
+++ /dev/null
@@ -1,46 +0,0 @@
-{
- "service": {
- "name": "Active and Available Inventory",
- "checks": [
- {
- "id": "aai-service",
- "name": "Core A&AI",
- "http": "https://aai.{{ .Release.Namespace }}:8443/aai/util/echo",
- "header": {
- "Authorization": ["Basic QUFJOkFBSQ=="],
- "X-TransactionId": ["ConsulHealthCheck"],
- "X-FromAppId": ["healthcheck"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "aai-resources",
- "name": "Resources Microservice",
- "http": "https://aai-resources.{{ .Release.Namespace }}:8447/aai/util/echo",
- "header": {
- "Authorization": ["Basic QUFJOkFBSQ=="],
- "X-TransactionId": ["ConsulHealthCheck"],
- "X-FromAppId": ["healthcheck"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "aai-traversal",
- "name": "Traversal Microservice",
- "http": "https://aai-traversal.{{ .Release.Namespace }}:8446/aai/util/echo",
- "header": {
- "Authorization": ["Basic QUFJOkFBSQ=="],
- "X-TransactionId": ["ConsulHealthCheck"],
- "X-FromAppId": ["healthcheck"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aai-sparky-be-health.json b/kubernetes/consul/resources/config/consul-agent-config/aai-sparky-be-health.json
deleted file mode 100644
index bf6305c1d0..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/aai-sparky-be-health.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "service": {
- "name": "A&AI UI Backend Service",
- "checks": [
- {
- "id": "sparky-be-process",
- "name": "UI Backend Presence",
- "script": "/consul/scripts/sparky-be-script.sh",
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/certs/client-cert-onap.crt.pem b/kubernetes/consul/resources/config/consul-agent-config/certs/client-cert-onap.crt.pem
deleted file mode 100644
index b842710c11..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/certs/client-cert-onap.crt.pem
+++ /dev/null
@@ -1,25 +0,0 @@
-Bag Attributes
- friendlyName: tomcat
- localKeyID: 54 69 6D 65 20 31 34 39 33 33 32 33 39 32 32 37 35 31
-subject=/C=CA/ST=Ontario/L=Ottawa/O=ONAP/OU=ONAP/CN=ONAP
-issuer=/C=CA/ST=Ontario/L=Ottawa/O=ONAP/OU=ONAP/CN=ONAP
------BEGIN CERTIFICATE-----
-MIIDWTCCAkGgAwIBAgIERWHcIzANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJD
-QTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMQ0wCwYDVQQKEwRP
-TkFQMQ0wCwYDVQQLEwRPTkFQMQ0wCwYDVQQDEwRPTkFQMB4XDTE3MDQyNzIwMDUz
-N1oXDTM3MDExMjIwMDUzN1owXTELMAkGA1UEBhMCQ0ExEDAOBgNVBAgTB09udGFy
-aW8xDzANBgNVBAcTBk90dGF3YTENMAsGA1UEChMET05BUDENMAsGA1UECxMET05B
-UDENMAsGA1UEAxMET05BUDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AJsQpjB5U0exZHWKVt6xDzmBBhLiAtv7Qb8zsbAcIZPxuKsieOJykWDCaf+Ip7oe
-+b86nf4LmKrNm4KMsDNnlU7Bg7+3HFa7m+tZgfILORv2HPMRXgvcqPFr1dxgTBkp
-xtlcGXHhA8oBpmqTmOCitE+ngVH+FBVxN93aHEDz+Dgc06PyzoP/xWI0GjvlOsv/
-qZeXCj6K4Hpu/FSPNk06Piq9M+rDwUMuyaRtY9FWjYMvkMCrRvlZUoAasrC0BGyR
-UAboHdk5aW3AZ0cVR6NMSlELcvCUFqzacAOWLgffX3b5vhkOaAsmnnzmxANV6s0t
-SqrD6Mmjg5OcYJW4VFKrwjUCAwEAAaMhMB8wHQYDVR0OBBYEFNji+IU70Qgptn4i
-boq/rOKNAg8tMA0GCSqGSIb3DQEBCwUAA4IBAQBc5mJLeeUUzJ4MujZjn0DS3Lvv
-THJTE54Id1euT3ddzfX3htF0Ewd90YzmLuj1y8r8PXj7b/8Bq+cvoKbmJ42c8h3X
-If0tqde+gYWx1X3NAWHwz00Cje9R0KY4Bx1Cvr39jTw/ESnuSQDKPHBnn8WyAS9K
-08ZhvrVSK54d3U7tDVut9UVva8Scdi12utTAWaOIlusLo3bU9Z6t+tgg7AnQBYc0
-N9oCMbq/MACFlLSdc1J6NITYS8XHY2RS8u88eLbWkCcEEx1glYz/PMX3+V1Ow9Uy
-MjenEx8ifl96ZSOe9XsI2gl2TCaevCY/QuREu4LZB9XmO0gncH7gF5w9Bw2b
------END CERTIFICATE-----
diff --git a/kubernetes/consul/resources/config/consul-agent-config/certs/client-cert-onap.key.pem b/kubernetes/consul/resources/config/consul-agent-config/certs/client-cert-onap.key.pem
deleted file mode 100644
index 95de561981..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/certs/client-cert-onap.key.pem
+++ /dev/null
@@ -1,32 +0,0 @@
-Bag Attributes
- friendlyName: tomcat
- localKeyID: 54 69 6D 65 20 31 34 39 33 33 32 33 39 32 32 37 35 31
-Key Attributes: <No Attributes>
------BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCbEKYweVNHsWR1
-ilbesQ85gQYS4gLb+0G/M7GwHCGT8birInjicpFgwmn/iKe6Hvm/Op3+C5iqzZuC
-jLAzZ5VOwYO/txxWu5vrWYHyCzkb9hzzEV4L3Kjxa9XcYEwZKcbZXBlx4QPKAaZq
-k5jgorRPp4FR/hQVcTfd2hxA8/g4HNOj8s6D/8ViNBo75TrL/6mXlwo+iuB6bvxU
-jzZNOj4qvTPqw8FDLsmkbWPRVo2DL5DAq0b5WVKAGrKwtARskVAG6B3ZOWltwGdH
-FUejTEpRC3LwlBas2nADli4H3192+b4ZDmgLJp585sQDVerNLUqqw+jJo4OTnGCV
-uFRSq8I1AgMBAAECggEANFs6wcM1S0+qC8XZ7vb5nQDjfByzunLrkBN0O3JEJB/J
-qn7JMixcyb7a61zIxR8QVHEGR3DC62jgyQOXusOOtjjAs0qwVtihnKVsKr1/WuGO
-hMOobXjj0iAG5ZHeH+DrMxjVvo2rKdnExtdvFunY18xG7dhMD7Fam525THUTql4K
-yxhT7X6MrfS1eFjbR6oAIGNjoNTwyyEjEm4yvHO3PnG2NeyIeu7zIO2k+GimAAXT
-tN3AK30lmr3+35k6o+XQAhDE4/6msn6jBVSdLfK35ATFGwrojD0bCgALR4SUNEyd
-i33nuNLGyeI7DPWbqmjyWQW9uWLFJD85We2HzqBZQQKBgQDIrJ4PLvYE75dFWnSa
-lBr1HZbl/x5mP56MVEiwTabRbUsJoXKlX44lm9hwQaPbuoUAflb1ZtNKbyiRVsuN
-Ft5RToU9PWXyFtc2eyLCJToxHI4MhsuGRAaEeic5+l12wdpRxl74eeXdKJK4P/iU
-8wdhSxDG2ekkj6lyye5l5iwcBwKBgQDF0Pptcs+yPCz9FRqCmHT/I4QTK1VSD6mW
-F2Yd2KEUa4aocIb+L56ghJfYR+enIe9hHmb0ulomJaLLTicZJk6ffDfaQpCFBiS7
-BirDqHX8zlnBHePrBzZPyA5EfGMLxlP4uUk4g28JMFBJaZTEXAnQLUH0mIm0o0YR
-mbsaVo/Y4wKBgFsG8iuxAaf7hoLPJVV5GUFWyrxJnWCEO0csdEyE7MbS7NbRhU++
-qJwmtWc2Xz2svegbZxaqLe31vlEvLeYyGWaIV6gP0c6ezcDI2lt2x46/hS/pdSjS
-cqJlRqXmC79y77VoZmwP31USsnshiYEHPLHFeza4YilTgWmwb5OJdTjBAoGBAJBC
-0P7UhedjvyNqKoUnDdurWPxp07Ueuvw8YDpP61jq+a8JMUlaDQLe76XI+oWGV/6p
-n0fGR0weklRV0Gmk6B2jB1BizuZUDqFd4/4ActtE2WvekoKqJc+VA+KqG8lQf5iZ
-924BXA6Fb2e6WcXBoV5yQvFP9M0JbWYUiMCydAElAoGBAKof78r8POfTPq9fQA9I
-0zsQGnxqnSqyIu5yobM3GyXHBPOKdevlxyXxuMnGTr7upSNZrDrrA+f5Czlu7Fas
-qdt/5PmqYQjRsVoHNQFatUzHWwx2vU2Pr1jBpZFBpnjnLwn3A35+UEWn13nCjkla
-TrDniEcyId4ya5cMLDnM7Zgw
------END PRIVATE KEY-----
diff --git a/kubernetes/consul/resources/config/consul-agent-config/clamp-health.json b/kubernetes/consul/resources/config/consul-agent-config/clamp-health.json
deleted file mode 100644
index 5fb57b4b6b..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/clamp-health.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
- "service": {
- "name": "Health Check: CLAMP",
- "check":[
- {
- "id" : "clamp-health",
- "name": "Clamp Health Check",
- "http": "http://clamp:8080/restservices/clds/v1/clds/healthcheck",
- "tls_skip_verify": true,
- "method": "GET",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
- }
-}
-
diff --git a/kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json b/kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json
deleted file mode 100644
index f5ae467d74..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- "service": {
- "name": "Health Check: CLAMP - MariaDb",
- "checks": [
- {
- "id": "clamp-mariadb",
- "name": "CLAMP Mariadb Health Check",
- "script": "/consul/scripts/clamp-mariadb-script.sh",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
-
- }
-}
-
diff --git a/kubernetes/consul/resources/config/consul-agent-config/cli-health-check.json b/kubernetes/consul/resources/config/consul-agent-config/cli-health-check.json
deleted file mode 100644
index 81e55cb871..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/cli-health-check.json
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- "service": {
- "name": "Health Check: ONAP CLI",
- "checks": [
- {
- "id": "cli",
- "name": "CLI Health Check",
- "http": "http://cli.{{include "common.namespace" .}}:8080",
- "method": "GET",
- "interval": "3600s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/log-elastic-search.json b/kubernetes/consul/resources/config/consul-agent-config/log-elastic-search.json
deleted file mode 100644
index 6e580579e1..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/log-elastic-search.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
- "service": {
- "name": "Health Check: Log - Elastic Search",
- "checks": [
- {
- "id": "log-elasticsearch-server",
- "name": "Log Elastic Search Health Check",
- "http": "http://log-es:9200/_cluster/health?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-elasticsearch-tcp",
- "name": "Log Elastic Search TCP Health Check",
- "tcp": "log-es-tcp:9300",
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/log-kibana.json b/kubernetes/consul/resources/config/consul-agent-config/log-kibana.json
deleted file mode 100644
index 6bca63f7bf..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/log-kibana.json
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- "service": {
- "name": "Health Check: Log - Kibana",
- "checks": [
- {
- "id": "log-kibana-server",
- "name": "Log kibana Health Check",
- "http": "http://log-kibana:5601/status",
- "method": "HEAD",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/log-logstash.json b/kubernetes/consul/resources/config/consul-agent-config/log-logstash.json
deleted file mode 100644
index ea32ecfe2a..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/log-logstash.json
+++ /dev/null
@@ -1,95 +0,0 @@
-{
- "service": {
- "name": "Health Check: Log - Log Stash",
- "checks": [
- {
- "id": "log-logstash-internal-server-gi",
- "name": "Log Stash Health Check - General Information",
- "http": "http://log-ls-http:9600/?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-logstash-internal-server-node-info",
- "name": "Log Stash Health Check - Node Information",
- "http": "http://log-ls-http:9600/_node/?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-logstash-internal-server-os-info",
- "name": "Log Stash Health Check - OS Information",
- "http": "http://log-ls-http:9600/_node/os?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-logstash-internal-server-jvm-info",
- "name": "Log Stash Health Check - JVM Information",
- "http": "http://log-ls-http:9600/_node/jvm?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-logstash-internal-server-plugin-info",
- "name": "Log Stash Health Check - Plugin Information",
- "http": "http://log-ls-http:9600/_node/plugins?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-logstash-internal-server-node-stat",
- "name": "Log Stash Health Check - Node Stats",
- "http": "http://log-ls-http:9600/_node/stats?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-logstash-internal-server-jvm-stat",
- "name": "Log Stash Health Check - JVM Stats",
- "http": "http://log-ls-http:9600/_node/stats/jvm?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-logstash-internal-server-process-stat",
- "name": "Log Stash Health Check - Process Stats",
- "http": "http://log-ls-http:9600/_node/stats/process?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-logstash-internal-server-os-stat",
- "name": "Log Stash Health Check - OS Stats",
- "http": "http://log-ls-http:9600/_node/stats/os?pretty",
- "method": "GET",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "log-logstash-tcp",
- "name": "Log Stash File Beat TCP Health Check",
- "tcp": "log-ls:5044",
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/model-loader.properties b/kubernetes/consul/resources/config/consul-agent-config/model-loader.properties
deleted file mode 100644
index aae18b1e98..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/model-loader.properties
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-# Model Loader Distribution Client Configuration
-ml.distribution.ACTIVE_SERVER_TLS_AUTH=false
-ml.distribution.ASDC_ADDRESS=c2.vm1.sdc.simpledemo.openecomp.org:8443
-ml.distribution.CONSUMER_GROUP=aai-ml-group
-ml.distribution.CONSUMER_ID=aai-ml
-ml.distribution.ENVIRONMENT_NAME=AUTO
-ml.distribution.KEYSTORE_PASSWORD=
-ml.distribution.KEYSTORE_FILE=asdc-client.jks
-ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp
-ml.distribution.POLLING_INTERVAL=30
-ml.distribution.POLLING_TIMEOUT=20
-ml.distribution.USER=aai
-ml.distribution.ARTIFACT_TYPES=MODEL_INVENTORY_PROFILE,MODEL_QUERY_SPEC,VNF_CATALOG
-
-# Model Loader AAI REST Client Configuration
-ml.aai.BASE_URL=https://c1.vm1.aai.simpledemo.openecomp.org:8443
-ml.aai.MODEL_URL=/aai/v10/service-design-and-creation/models/model/
-ml.aai.NAMED_QUERY_URL=/aai/v10/service-design-and-creation/named-queries/named-query/
-ml.aai.VNF_IMAGE_URL=/aai/v8/service-design-and-creation/vnf-images
-ml.aai.KEYSTORE_FILE=aai-os-cert.p12
-ml.aai.KEYSTORE_PASSWORD=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
-ml.aai.AUTH_USER=ModelLoader
-ml.aai.AUTH_PASSWORD=OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw
diff --git a/kubernetes/consul/resources/config/consul-agent-config/mr-health.json b/kubernetes/consul/resources/config/consul-agent-config/mr-health.json
deleted file mode 100644
index d8c056f006..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/mr-health.json
+++ /dev/null
@@ -1,29 +0,0 @@
-{
- "service": {
- "name": "Health Check: DMaaP",
- "checks":[
- {
- "id": "dmaap",
- "name": "Health Check: Message Router",
- "http": "http://message-router:3904/topics",
- "tls_skip_verify": true,
- "interval": "30s",
- "timeout": "1s"
- },
- {
- "id": "mr-zookeeper",
- "name": "Health Check: Message Router - ZooKeeper",
- "script": "/consul/scripts/mr-zookeeper-health.sh",
- "interval": "10s",
- "timeout": "5s"
- },
- {
- "id": "mr-kafka",
- "name": "Health Check: Message Router - Kafka",
- "script": "/consul/scripts/mr-kafka-health.sh",
- "interval": "30s",
- "timeout": "5s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/msb-health.json b/kubernetes/consul/resources/config/consul-agent-config/msb-health.json
deleted file mode 100644
index ad4e422be1..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/msb-health.json
+++ /dev/null
@@ -1,39 +0,0 @@
-{
- "service": {
- "name": "Health Check: MSB",
- "checks": [
- {
- "id": "msb-eag",
- "name": "MSB eag Health Check",
- "http": "http://msb-eag:80/iui/microservices/default.html",
- "method": "HEAD",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "msb-iag",
- "name": "MSB iag Health Check",
- "http": "http://msb-iag:80/iui/microservices/default.html",
- "method": "HEAD",
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "msb-consul",
- "name": "MSB consul Health Check",
- "tcp": "msb-consul:8500",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "msb-discovery",
- "name": "MSB discovery Health Check",
- "tcp": "msb-discovery:10081",
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json
deleted file mode 100644
index f6e48fac6b..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json
+++ /dev/null
@@ -1,77 +0,0 @@
-{
- "service": {
- "name": "Health Check: MULTICLOUD",
- "checks": [
- {
- "id": "framework",
- "name": "Framework Health Check",
- "http": "http://framework:9001/api/multicloud/v0/swagger.json",
- "method": "HEAD",
- "header": {
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "multicloud-pike",
- "name": "Multicloud Pike Health Check",
- "http": "http://multicloud-pike:9007/api/multicloud-pike/v0/swagger.json",
- "method": "HEAD",
- "header": {
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "multicloud-starlingx",
- "name": "Multicloud Starlingx Health Check",
- "http": "http://multicloud-starlingx:9009/api/multicloud-starlingx/v0/swagger.json",
- "method": "HEAD",
- "header": {
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "multicloud-vio",
- "name": "Multicloud Vio Health Check",
- "http": "http://multicloud-vio:9004/api/multicloud-vio/v0/swagger.json",
- "method": "HEAD",
- "header": {
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "multicloud-windriver",
- "name": "Multicloud Windriver Health Check",
- "http": "http://multicloud-windriver:9005/api/multicloud-titaniumcloud/v1/swagger.json",
- "method": "HEAD",
- "header": {
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/policy-health.json b/kubernetes/consul/resources/config/consul-agent-config/policy-health.json
deleted file mode 100644
index 9cad9dc1d5..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/policy-health.json
+++ /dev/null
@@ -1,111 +0,0 @@
-{
- "service": {
- "name": "Health Check: Policy",
- "checks": [
- {
- "id": "Policy-mariadb-healthcheck",
- "name": "Policy Mariadb Health Check",
- "script": "/consul/scripts/policy-mariadb-script.sh",
- "interval": "10s",
- "timeout": "1s"
- },
- {
- "id": "policy-nexus-local-status",
- "name": "Policy Nexus Local Status",
- "http": "http://nexus:8081/nexus/service/local/status",
- "method": "GET",
- "header": {
- "Authorization": ["Basic YWRtaW46YWRtaW4xMjM="],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "policy-nexus-internal-metrics",
- "name": "Policy Nexus Internal Metrics",
- "http": "http://nexus:8081/nexus/internal/metrics",
- "method": "GET",
- "header": {
- "Authorization": ["Basic YWRtaW46YWRtaW4xMjM="],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "policy-nexus-internal-healthcheck",
- "name": "Policy Nexus Internal Healthcheck",
- "http": "http://nexus:8081/nexus/internal/healthcheck",
- "method": "GET",
- "header": {
- "Authorization": ["Basic YWRtaW46YWRtaW4xMjM="],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "brmsgw-tcp",
- "name": "BRMSGW Health Check",
- "tcp": "brmsgw:9989",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "drools",
- "name": "Drools Health Check",
- "http": "https://drools:6969/healthcheck",
- "method": "GET",
- "header": {
- "Authorization": ["Basic ZGVtb0BwZW9wbGUub3NhYWYub3JnOmRlbW8xMjM0NTYh"],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "pap",
- "name": "PAP Health Check",
- "http": "https://pap:9091/pap/test",
- "method": "GET",
- "header": {
- "Authorization": ["Basic dGVzdHBhcDphbHBoYTEyMw=="],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "pdp",
- "name": "PDP Health Check",
- "http": "https://pdp:8081/pdp/test",
- "method": "GET",
- "header": {
- "Authorization": ["Basic dGVzdHBkcDphbHBoYTEyMw=="],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-doc.txt b/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-doc.txt
deleted file mode 100644
index a6e084cfea..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-doc.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "vnfId" : "testwrite",
- "device" : "10.198.1.31",
- "timestamp" : "2017-08-23T19:13:56Z",
- "jdmTotalMem" : "2097152",
- "jdmAvailableMem" : "1877272",
- "jdmUserCpu" : "16",
- "jdmSystemCpu" : "3"
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-script.sh
deleted file mode 100755
index 91223f527e..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-script.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-if curl -s -X PUT http://aai-elasticsearch:9200/searchhealth/stats/testwrite -d @/consul/scripts/aai-search-storage-write-doc.txt | grep '\"created\":true'; then
- if curl -s -X DELETE http://aai-elasticsearch:9200/searchhealth/stats/testwrite | grep '\"failed\":0'; then
- if curl -s -X GET http://aai-elasticsearch:9200/searchhealth/stats/testwrite | grep '\"found\":false'; then
- echo Successful PUT, DELETE, GET from Search Document Storage 2>&1
- exit 0
- else
- echo Failed GET from Search Document Storage 2>&1
- exit 1
- fi
- else
- echo Failed DELETE from Search Document Storage 2>&1
- exit 1
- fi
-else
- echo Failed PUT from Search Document Storage 2>&1
- exit 1
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh
deleted file mode 100644
index 1b721b363c..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-clampdb[^[:space:]]*")
-
- if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
- echo Success. CLAMP DBHost is running. 2>&1
- exit 0
- else
- echo Failed. CLAMP DBHost is not running. 2>&1
- exit 1
- fi
- else
- echo Failed. CLAMP DBHost is offline. 2>&1
- exit 1
- fi
-
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/data-router-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/data-router-script.sh
deleted file mode 100755
index 2e0078c72f..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/data-router-script.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "aai-data-router[^[:space:]]*")
-
-if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- ps -efww | grep 'java' | grep 'data-router' > /dev/null; then
-
- echo Success. Synapse process is running. 2>&1
- exit 0
- else
- echo Failed. Synapse process is not running. 2>&1
- exit 1
- fi
-else
- echo Failed. Synapse container is offline. 2>&1
- exit 1
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/model-loader-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/model-loader-script.sh
deleted file mode 100755
index e049402578..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/model-loader-script.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "aai-model-loader[^[:space:]]*")
-
-if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- ps -efww | grep 'java' | grep 'model-loader' > /dev/null; then
-
- echo Success. Model Loader process is running. 2>&1
- exit 0
- else
- echo Failed. Model Loader process is not running. 2>&1
- exit 1
- fi
-else
- echo Failed. Model Loader container is offline. 2>&1
- exit 1
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-kafka-health.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-kafka-health.sh
deleted file mode 100755
index 816a0103f6..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-kafka-health.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-kafkapod=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-message-router-kafka-[^[:space:]]*")
-if [ -n "$kafkapod" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $kafkapod -- ps ef | grep -i kafka; then
- echo Success. Kafka process is running. 2>&1
- exit 0
- else
- echo Failed. Kafka is not running. 2>&1
- exit 1
- fi
-else
- echo Failed. Kafka container is offline. 2>&1
- exit 1
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-zookeeper-health.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-zookeeper-health.sh
deleted file mode 100755
index debcfd1868..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-zookeeper-health.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-zkpod=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-message-router-zookeeper-[^[:space:]]*")
-if [ -n "$zkpod" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $zkpod -- ps aux | grep -i zookeeper; then
- echo Success. Zookeeper process is running. 2>&1
- exit 0
- else
- echo Failed. Zookeeper is not running. 2>&1
- exit 1
- fi
-else
- echo Failed. Zookeeper container is offline. 2>&1
- exit 1
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh
deleted file mode 100644
index 865d477b7d..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-policydb[^[:space:]]*")
-
- if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
- echo Success. mariadb process is running. 2>&1
- exit 0
- else
- echo Failed. mariadb process is not running. 2>&1
- exit 1
- fi
- else
- echo Failed. mariadb container is offline. 2>&1
- exit 1
- fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-be-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-be-script.sh
deleted file mode 100755
index c362ffed34..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-be-script.sh
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://sdc-fe:8181/sdc1/rest/healthCheck"
-HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
-
-## Strip out the ON_BOARDING section from the response XML (otherwise we will
-## get duplicate results when we search for component BE) and check to see if
-## the BE component is reported as up.
-READY=$(echo "$HEALTH_CHECK_RESPONSE" | sed '/ON_BOARDING/,/]/d' | grep -A 1 "BE" | grep "UP")
-
-if [ -n $READY ]; then
- echo "Query against health check endpoint: $HEALTH_CHECK_ENDPOINT"
- echo "Produces response: $HEALTH_CHECK_RESPONSE"
- echo "Application is not in an available state"
- return 2
-else
- echo "Application is available."
- return 0
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-cs-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-cs-script.sh
deleted file mode 100755
index 18b5b9d4bd..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-cs-script.sh
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://sdc-fe:8181/sdc1/rest/healthCheck"
-HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
-
-## Strip out the ON_BOARDING section from the response XML (otherwise we will
-## get duplicate results when we search for component CASSANDRA) and check to see if
-## the CASSANDRA component is reported as up.
-READY=$(echo "$HEALTH_CHECK_RESPONSE" | sed '/ON_BOARDING/,/]/d' | grep -A 1 "CASSANDRA" | grep "UP")
-
-if [ -n $READY ]; then
- echo "Query against health check endpoint: $HEALTH_CHECK_ENDPOINT"
- echo "Produces response: $HEALTH_CHECK_RESPONSE"
- echo "Application is not in an available state"
- return 2
-else
- echo "Application is available."
- return 0
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-fe-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-fe-script.sh
deleted file mode 100755
index 21a2b80a3d..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-fe-script.sh
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://sdc-fe:8181/sdc1/rest/healthCheck"
-HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
-
-## Strip out the ON_BOARDING section from the response XML (otherwise we will
-## get duplicate results when we search for component FE) and check to see if
-## the FE component is reported as up.
-READY=$(echo "$HEALTH_CHECK_RESPONSE" | sed '/ON_BOARDING/,/]/d' | grep -A 1 "FE" | grep "UP")
-
-if [ -n $READY ]; then
- echo "Query against health check endpoint: $HEALTH_CHECK_ENDPOINT"
- echo "Produces response: $HEALTH_CHECK_RESPONSE"
- echo "Application is not in an available state"
- return 2
-else
- echo "Application is available."
- return 0
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-titan-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-titan-script.sh
deleted file mode 100755
index fad3ddb293..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-titan-script.sh
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://sdc-fe:8181/sdc1/rest/healthCheck"
-HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
-
-## Strip out the ON_BOARDING section from the response XML (otherwise we will
-## get duplicate results when we search for component TITAN) and check to see if
-## the TITAN component is reported as up.
-READY=$(echo "$HEALTH_CHECK_RESPONSE" | sed '/ON_BOARDING/,/]/d' | grep -A 1 "TITAN" | grep "UP")
-
-if [ -n $READY ]; then
- echo "Query against health check endpoint: $HEALTH_CHECK_ENDPOINT"
- echo "Produces response: $HEALTH_CHECK_RESPONSE"
- echo "Application is not in an available state"
- return 2
-else
- echo "Application is available."
- return 0
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-cluster-health.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-cluster-health.sh
deleted file mode 100755
index ed7aefc0cf..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-cluster-health.sh
+++ /dev/null
@@ -1,61 +0,0 @@
-#!/bin/sh
-{{/*
-
-# Copyright © 2018 Amdocs
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-# query ODL cluster state
-USERNAME="{{.Values.odl.jolokia.username}}"
-PASSWORD="{{.Values.odl.jolokia.password}}"
-
-count=${SDNC_ODL_COUNT:-1}
-siteId=0
-if [ "$SDNC_IS_PRIMARY_CLUSTER" = "false" ];then
- siteId=1
-fi
-
-for instance in $(seq $count);do
- shard=member-$(( $siteId*$count + $instance ))-shard-default-config
- mbean=Category=Shards,name=$shard,type=DistributedConfigDatastore
- url=http://{{ include "common.release" . }}-sdnc-$(( $instance-1 )).sdnc-cluster.{{.Release.Namespace}}:8181/jolokia/read/org.opendaylight.controller:$mbean
-
- response=$( curl -s -u $USERNAME:$PASSWORD $url )
- rc=$?
- if [ $rc -ne 0 ];then
- # failed to contact SDN-C instance - try another
- echo "Unable to connect to $shard [rc=$?]"
- continue
- fi
-
- status=$( echo "$response" | jq -r ".status" )
- if [ "$status" != "200" ];then
- # query failed, try another instance
- echo "$shard query failed [http-status=$status]"
- continue
- fi
-
- raftState=$( echo "$response" | jq -r ".value.RaftState" )
- if [ "$raftState" = "Leader" -o "$raftState" = "Follower" ];then
- # cluster has a leader and is healthy
- echo "$shard is healthy [RaftState=$raftState]"
- exit 0
- else
- echo "$shard is not healthy [RaftState=$raftState]"
- fi
-done
-
-# ODL cluster is not healthy
-exit 2
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-dbhost-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-dbhost-script.sh
deleted file mode 100755
index c0fbcfbbe3..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-dbhost-script.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-SDNC_DBHOST_POD=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "sdnc-dbhost-[^[:space:]]*")
-if [ -n "$SDNC_DBHOST_POD" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $SDNC_DBHOST_POD -- ./healthcheck.sh |grep -i "mysqld is alive"; then
- echo Success. SDNC DBHost is running. 2>&1
- exit 0
- else
- echo Failed. SDNC DBHost is not running. 2>&1
- exit 1
- fi
-else
- echo Failed. SDNC DBHost is offline. 2>&1
- exit 1
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/search-data-service-availability.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/search-data-service-availability.sh
deleted file mode 100644
index 68ab27dbc9..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/search-data-service-availability.sh
+++ /dev/null
@@ -1,61 +0,0 @@
-#!/bin/sh
-{{/*
-
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-SEARCH_SERVICE_NAME="search-data-service.{{ include "common.namespace" . }}"
-SEARCH_SERVICE_PORT=9509
-HEALTH_CHECK_INDEX="healthcheck"
-
-# 'Document Index' REST Endpoint
-INDEX_URL="https://$SEARCH_SERVICE_NAME:$SEARCH_SERVICE_PORT/services/search-data-service/v1/search/indexes/$HEALTH_CHECK_INDEX"
-INDEX_SCHEMA="{\"fields\":[{\"name\": \"field1\", \"data-type\": \"string\"}]}"
-
-SEARCH_CERT_FILE="/consul/certs/client-cert-onap.crt.pem"
-SEARCH_KEY_FILE="/consul/certs/client-cert-onap.key.pem"
-
-## Try to create an index via the Search Data Service API.
-CREATE_INDEX_RESP=$(curl -s -o /dev/null -w "%{http_code}" -k --cert $SEARCH_CERT_FILE --cert-type PEM --key $SEARCH_KEY_FILE --key-type PEM -d "$INDEX_SCHEMA" --header "Content-Type: application/json" --header "X-TransactionId: ConsulHealthCheck" -X PUT $INDEX_URL)
-
-RESULT_STRING=" "
-
-if [ $CREATE_INDEX_RESP -eq 201 ]; then
- RESULT_STRING="Service Is Able To Communicate With Back End"
-elif [ $CREATE_INDEX_RESP -eq 400 ]; then
- # A 400 response could mean that the index already exists (ie: we didn't
- # clean up after ourselves on a previous check), so log the response but
- # don't exit yet. If we fail on the delete then we can consider the
- # check a failure, otherwise, we are good.
- RESULT_STRING="$RESULT_STRING Create Index [FAIL - 400 (possible index already exists)] "
-else
- RESULT_STRING="Service API Failure - $CREATE_INDEX_RESP"
- echo $RESULT_STRING
- exit 1
-fi
-
-## Now, clean up after ourselves.
-DELETE_INDEX_RESP=$(curl -s -o /dev/null -w "%{http_code}" -k --cert $SEARCH_CERT_FILE --cert-type PEM --key $SEARCH_KEY_FILE --key-type PEM -d "{ }" --header "Content-Type: application/json" --header "X-TransactionId: ConsulHealthCheck" -X DELETE $INDEX_URL)
-
-if [ $DELETE_INDEX_RESP -eq 200 ]; then
- RESULT_STRING="Service Is Able To Communicate With Back End"
-else
- RESULT_STRING="Service API Failure - $DELETE_INDEX_RESP"
- echo $RESULT_STRING
- exit 1
-fi
-
-echo $RESULT_STRING
-return 0
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-api-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-api-script.sh
deleted file mode 100755
index e0acea7ce9..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-api-script.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://so:8080/ecomp/mso/infra/healthcheck"
-HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
-
-READY=$(echo $HEALTH_CHECK_RESPONSE | grep "Application ready")
-
-if [ -n $READY ]; then
- echo "Query against health check endpoint: $HEALTH_CHECK_ENDPOINT"
- echo "Produces response: $HEALTH_CHECK_RESPONSE"
- echo "Application is not in an available state"
- return 2
-else
- echo "Application is available."
- return 0
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-camunda-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-camunda-script.sh
deleted file mode 100755
index 2ef5f8c4dd..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-camunda-script.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://so:8080/mso/healthcheck"
-HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
-
-READY=$(echo $HEALTH_CHECK_RESPONSE | grep "Application ready")
-
-if [ -n $READY ]; then
- echo "Query against health check endpoint: $HEALTH_CHECK_ENDPOINT"
- echo "Produces response: $HEALTH_CHECK_RESPONSE"
- echo "Application is not in an available state"
- return 2
-else
- echo "Application is available."
- return 0
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-jra-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-jra-script.sh
deleted file mode 100755
index deee34c001..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-jra-script.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://so:8080/networks/rest/healthcheck"
-HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
-
-READY=$(echo $HEALTH_CHECK_RESPONSE | grep "Application ready")
-
-if [ -n $READY ]; then
- echo "Query against health check endpoint: $HEALTH_CHECK_ENDPOINT"
- echo "Produces response: $HEALTH_CHECK_RESPONSE"
- echo "Application is not in an available state"
- return 2
-else
- echo "Application is available."
- return 0
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh
deleted file mode 100755
index a0974c0a45..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-so-db[^[:space:]]*")
-
- if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
- echo Success. mariadb process is running. 2>&1
- exit 0
- else
- echo Failed. mariadb process is not running. 2>&1
- exit 1
- fi
- else
- echo Failed. mariadb container is offline. 2>&1
- exit 1
- fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sparky-be-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sparky-be-script.sh
deleted file mode 100755
index 19134cfa76..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sparky-be-script.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "aai-sparky-be[^[:space:]]*")
-
-if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- ps -efww | grep 'java' | grep 'sparky' > /dev/null; then
-
- echo Success. UI Backend Service process is running. 2>&1
- exit 0
- else
- echo Failed. UI Backend Service process is not running. 2>&1
- exit 1
- fi
-else
- echo Failed. UI Backend Service container is offline. 2>&1
- exit 1
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh
deleted file mode 100755
index 7b0bc246f6..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-vid-mariadb[^[:space:]]*")
-
- if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
- echo Success. mariadb process is running. 2>&1
- exit 0
- else
- echo Failed. mariadb process is not running. 2>&1
- exit 1
- fi
- else
- echo Failed. mariadb container is offline. 2>&1
- exit 1
- fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdc-health.json b/kubernetes/consul/resources/config/consul-agent-config/sdc-health.json
deleted file mode 100644
index 105635b592..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/sdc-health.json
+++ /dev/null
@@ -1,49 +0,0 @@
-{
- "service": {
- "name": "Health Check: SDC",
- "checks": [
- {
- "id": "sdc-fe-healthcheck",
- "name": "SDC Front End Health Check",
- "script": "/consul/scripts/sdc-fe-script.sh",
- "interval": "10s",
- "timeout": "1s"
- },
- {
- "id": "sdc-be-healthcheck",
- "name": "SDC Back End Health Check",
- "script": "/consul/scripts/sdc-be-script.sh",
- "interval": "10s",
- "timeout": "1s"
- },
- {
- "id": "sdc-titan-healthcheck",
- "name": "SDC Titan Health Check",
- "script": "/consul/scripts/sdc-titan-script.sh",
- "interval": "10s",
- "timeout": "1s"
- },
- {
- "id": "sdc-cs-healthcheck",
- "name": "SDC Cassandra Health Check",
- "script": "/consul/scripts/sdc-cs-script.sh",
- "interval": "10s",
- "timeout": "1s"
- },
- {
- "id": "sdc-catalog-healthcheck",
- "name": "SDC Catalog Health Check",
- "http": "https://sdc-be:8443/asdc/v1/catalog/services",
- "header": {
- "Authorization": ["Basic dmlkOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU="],
- "X-ECOMP-InstanceID": ["VID"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-cluster-health.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-cluster-health.json
deleted file mode 100644
index 86a7630392..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-cluster-health.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "service": {
- "name": "Health Check: SDNC ODL Cluster",
- "checks": [
- {
- "id": "sdnc-odl-cluster-healthcheck",
- "name": "SDNC ODL Cluster Health Check",
- "script": "/consul/scripts/sdnc-cluster-health.sh",
- "interval": "15s",
- "timeout": "10s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-dbhost.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-dbhost.json
deleted file mode 100644
index ea0ae562e9..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-dbhost.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "service": {
- "name": "Health Check: SDNC - DB Host",
- "checks": [
- {
- "id": "sdnc-dbhost-healthcheck",
- "name": "SDNC DBHOST Health Check",
- "script": "/consul/scripts/sdnc-dbhost-script.sh",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-dgbuilder.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-dgbuilder.json
deleted file mode 100644
index 72e6be9093..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-dgbuilder.json
+++ /dev/null
@@ -1,22 +0,0 @@
-{
- "service": {
- "name": "Health Check: SDNC - DGBuilder",
- "checks": [
- {
- "id": "sdnc-dgbuilder",
- "name": "SDNC-DGbuilder Health Check",
- "http": "http://sdnc-dgbuilder:3000/",
- "method": "HEAD",
- "header": {
- "Authorization": ["Basic ZGd1c2VyOnRlc3QxMjM="],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-health.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-health.json
deleted file mode 100644
index 5f42835cf7..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-health.json
+++ /dev/null
@@ -1,22 +0,0 @@
-{
- "service": {
- "name": "Health Check: SDNC",
- "checks": [
- {
- "id": "odl-api-healthcheck",
- "name": "SDNC API Health Check",
- "http": "http://sdnc:8282/restconf/operations/SLI-API:healthcheck",
- "method": "POST",
- "header": {
- "Authorization": ["Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ=="],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb01-healthcheck.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb01-healthcheck.json
deleted file mode 100644
index ed196bd0cf..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb01-healthcheck.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "service": {
- "name": "Health Check: SDNC-SDN-CTL-DB-01",
- "checks": [
- {
- "id": "sdnctldb01",
- "name": "SDNC SDNCTLDB01 Health Check",
- "tcp": "sdnc-sdnctldb01:3306",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb02-healthcheck.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb02-healthcheck.json
deleted file mode 100644
index b63329f544..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb02-healthcheck.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "service": {
- "name": "Health Check: SDNC-SDN-CTL-DB-02",
- "checks": [
- {
- "id": "sdnctldb02",
- "name": "SDNC SDNCTLDB02 Health Check",
- "tcp": "sdnc-sdnctldb02:3306",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnhost.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnhost.json
deleted file mode 100644
index db84164fc7..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnhost.json
+++ /dev/null
@@ -1,22 +0,0 @@
-{
- "service": {
- "name": "Health Check: SDNC - SDN Host",
- "checks": [
- {
- "id": "sdnc-sdnhost",
- "name": "SDNC SDN Host Health Check",
- "http": "http://sdnc:8282/apidoc/explorer/index.html",
- "method": "HEAD",
- "header": {
- "Authorization": ["Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ=="],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/so-health.json b/kubernetes/consul/resources/config/consul-agent-config/so-health.json
deleted file mode 100644
index 565c4a4a7a..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/so-health.json
+++ /dev/null
@@ -1,28 +0,0 @@
-{
- "service": {
- "name": "Health Check: SO",
- "checks": [
- {
- "id": "so-api-healthcheck",
- "name": "SO API Health Check",
- "script": "/consul/scripts/so-api-script.sh",
- "interval": "10s",
- "timeout": "1s"
- },
- {
- "id": "so-camunda-healthcheck",
- "name": "SO Camunda Health Check",
- "script": "/consul/scripts/so-camunda-script.sh",
- "interval": "10s",
- "timeout": "1s"
- },
- {
- "id": "so-jra-healthcheck",
- "name": "SO JRA Health Check",
- "script": "/consul/scripts/so-jra-script.sh",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/so-mariabdb.json b/kubernetes/consul/resources/config/consul-agent-config/so-mariabdb.json
deleted file mode 100644
index fb554208e4..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/so-mariabdb.json
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- "service": {
- "name": "Health Check: SO - MariaDb",
- "checks": [
- {
- "id": "so-mariadb",
- "name": "SO Mariadb Health Check",
- "script": "/consul/scripts/so-mariadb-script.sh",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
-
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/vfc-health.json b/kubernetes/consul/resources/config/consul-agent-config/vfc-health.json
deleted file mode 100644
index 3661ac708b..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/vfc-health.json
+++ /dev/null
@@ -1,119 +0,0 @@
-{
- "service": {
- "name": "Health Check: VFC",
- "checks": [
- {
- "id": "vfc-catalog",
- "name": "VFC catalog Health Check",
- "tcp": "vfc-catalog:8806",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-emsdriver",
- "name": "VFC emsdriver Health Check",
- "tcp": "vfc-ems-driver:8206",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-gvnfmdriver",
- "name": "VFC gvnfmdriver Health Check",
- "tcp": "vfc-generic-vnfm-driver:8484",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-hwvnfmdriver",
- "name": "VFC hwvnfmdriver Health Check",
- "tcp": "vfc-huawei-vnfm-driver:8482",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-jujudriver",
- "name": "VFC jujudriver Health Check",
- "tcp": "vfc-juju-vnfm-driver:8483",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-nokiavnfmdriver",
- "name": "VFC nokiavnfmdriver Health Check",
- "tcp": "vfc-nokia-vnfm-driver:8486",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-nokiav2vnfmdriver",
- "name": "VFC nokiav2vnfmdriver Health Check",
- "tcp": "vfc-nokia-v2vnfm-driver:8089",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-nslcm",
- "name": "VFC nslcm Health Check",
- "tcp": "vfc-nslcm:8403",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-resmgr",
- "name": "VFC resmgr Health Check",
- "tcp": "vfc-resmgr:8480",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-vnflcm",
- "name": "VFC vnflcm Health Check",
- "tcp": "vfc-vnflcm:8801",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-vnfmgr",
- "name": "VFC vnfmgr Health Check",
- "tcp": "vfc-vnfmgr:8803",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-vnfres",
- "name": "VFC vnfres Health Check",
- "tcp": "vfc-vnfres:8802",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-workflow",
- "name": "VFC workflow Health Check",
- "tcp": "vfc-workflow:10550",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-workflowengineactiviti",
- "name": "VFC workflow-engine Health Check",
- "tcp": "vfc-workflow-engine:8080",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-ztesdncdriver",
- "name": "VFC ztesdncdriver Health Check",
- "tcp": "vfc-zte-sdnc-driver:8411",
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vfc-ztevnfmdriver",
- "name": "VFC ztevnfmdriver Health Check",
- "tcp": "vfc-zte-vnfm-driver:8410",
- "interval": "15s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/vid-health.json b/kubernetes/consul/resources/config/consul-agent-config/vid-health.json
deleted file mode 100644
index d6d8d4c03d..0000000000
--- a/kubernetes/consul/resources/config/consul-agent-config/vid-health.json
+++ /dev/null
@@ -1,29 +0,0 @@
-{
- "service": {
- "name": "Health Check: VID",
- "checks": [
- {
- "id": "vid-server",
- "name": "VID Server Health Check",
- "http": "http://vid:8080/vid/healthCheck",
- "method": "GET",
- "header": {
- "Authorization": ["Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ=="],
- "Cache-Control": ["no-cache"],
- "Content-Type": ["application/json"],
- "Accept": ["application/json"]
- },
- "tls_skip_verify": true,
- "interval": "15s",
- "timeout": "1s"
- },
- {
- "id": "vid-mariadb",
- "name": "Vid Mariadb Health Check",
- "script": "/consul/scripts/vid-mariadb-script.sh",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/templates/configmap.yaml b/kubernetes/consul/templates/configmap.yaml
deleted file mode 100644
index 42c8cba6b4..0000000000
--- a/kubernetes/consul/templates/configmap.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/consul-agent-config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-scripts-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/consul-agent-config/scripts/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/consul/templates/deployment.yaml b/kubernetes/consul/templates/deployment.yaml
deleted file mode 100644
index c5d12a4693..0000000000
--- a/kubernetes/consul/templates/deployment.yaml
+++ /dev/null
@@ -1,99 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- name: {{ include "common.name" . }}
- spec:
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- initContainers:
- - name: {{ include "common.name" . }}-chown
- image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
- command:
- - sh
- args:
- - -c
- - |
- cp -r -L /tmp/consul/config/* /consul/config/
- chown -R {{ .Values.consulUID }}:{{ .Values.consulGID }} /consul/config
- ls -la /consul/config
- volumeMounts:
- - mountPath: /tmp/consul/config
- name: consul-agent-config
- - mountPath: /consul/config
- name: consul-agent-config-dir
- containers:
- - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- securityContext:
- runAsUser: {{ .Values.securityContext.runAsUser }}
- runAsGroup: {{ .Values.securityContext.runAsGroup }}
- command:
- - docker-entrypoint.sh
- args:
- - agent
- - -client
- - 0.0.0.0
- - -enable-script-checks
- - -retry-join
- - {{ .Values.consulServer.nameOverride }}
- name: {{ include "common.name" . }}
- env:
- - name: SDNC_ODL_COUNT
- value: "{{ .Values.sdnc.replicaCount }}"
- - name: SDNC_IS_PRIMARY_CLUSTER
- value: "{{ .Values.sdnc.config.isPrimaryCluster }}"
- volumeMounts:
- - mountPath: /consul/config
- name: consul-agent-config-dir
- - mountPath: /consul/scripts
- name: consul-agent-scripts-config
- - mountPath: /consul/certs
- name: consul-agent-certs-config
- resources: {{ include "common.resources" . | nindent 10 }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - name: consul-agent-config-dir
- emptyDir: {}
- - configMap:
- name: {{ include "common.fullname" . }}-configmap
- name: consul-agent-config
- - configMap:
- name: {{ include "common.fullname" . }}-scripts-configmap
- defaultMode: 0755
- name: consul-agent-scripts-config
- - secret:
- secretName: {{ include "common.fullname" . }}-certs-secret
- name: consul-agent-certs-config
diff --git a/kubernetes/consul/templates/ingress.yaml b/kubernetes/consul/templates/ingress.yaml
deleted file mode 100644
index 8f87c68f1e..0000000000
--- a/kubernetes/consul/templates/ingress.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "common.ingress" . }}
diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml
deleted file mode 100644
index 9036606377..0000000000
--- a/kubernetes/consul/values.yaml
+++ /dev/null
@@ -1,117 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- busyboxRepository: registry.hub.docker.com
- busyboxImage: library/busybox:latest
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/oom/consul:2.1.0
-pullPolicy: Always
-
-#subchart name
-consulServer:
- nameOverride: consul-server
-
-consulUID: 100
-consulGID: 1000
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 90
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 90
- periodSeconds: 10
-
-service: {}
-
-ingress:
- enabled: false
- service:
- - baseaddr: "consul-api"
- name: "consul-server"
- port: 8800
- config:
- ssl: "none"
-
-#resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
- small:
- limits:
- cpu: 1
- memory: 1500Mi
- requests:
- cpu: 650m
- memory: 530Mi
- large:
- limits:
- cpu: 2
- memory: 4Gi
- requests:
- cpu: 1
- memory: 2Gi
- unlimited: {}
-
-odl:
- jolokia:
- username: admin
- password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
-sdnc:
- config:
- isPrimaryCluster: true
- replicaCount: 1
-
-securityContext:
- fsGroup: 1000
- runAsUser: 100
- runAsGroup: 1000
-
-#Pods Service Account
-serviceAccount:
- nameOverride: consul
- roles:
- - read
diff --git a/kubernetes/contrib/.gitignore b/kubernetes/contrib/.gitignore
deleted file mode 100644
index 7020381894..0000000000
--- a/kubernetes/contrib/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-components/dist
diff --git a/kubernetes/contrib/.helmignore b/kubernetes/contrib/.helmignore
deleted file mode 100644
index 68ffb32406..0000000000
--- a/kubernetes/contrib/.helmignore
+++ /dev/null
@@ -1 +0,0 @@
-components/
diff --git a/kubernetes/contrib/Chart.yaml b/kubernetes/contrib/Chart.yaml
deleted file mode 100755
index b8e3f69c0e..0000000000
--- a/kubernetes/contrib/Chart.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-# Copyright © 2017 Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP optional tools
-name: contrib
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: awx
- version: ~12.x-0
- repository: 'file://components/awx'
- condition: awx.enabled
- - name: ejbca
- version: ~12.x-0
- repository: 'file://components/ejbca'
- condition: global.cmpv2Enabled
- - name: netbox
- version: ~12.x-0
- repository: 'file://components/netbox'
- condition: netbox.enabled
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local' \ No newline at end of file
diff --git a/kubernetes/contrib/Makefile b/kubernetes/contrib/Makefile
deleted file mode 100644
index c3bbfa57b9..0000000000
--- a/kubernetes/contrib/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dns-server-for-vhost-ingress-testing ingress-nginx-post-inst metallb-loadbalancer-inst tools
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/contrib/components/Makefile b/kubernetes/contrib/components/Makefile
deleted file mode 100644
index 9544d70f33..0000000000
--- a/kubernetes/contrib/components/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/contrib/components/awx/Chart.yaml b/kubernetes/contrib/components/awx/Chart.yaml
deleted file mode 100755
index 38689dee53..0000000000
--- a/kubernetes/contrib/components/awx/Chart.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-# Copyright © 2019 Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Ansible AWX
-name: awx
-sources:
- - https://github.com/ansible/awx
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: awx-postgres
- version: ~12.x-0
- repository: 'file://components/awx-postgres'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local' \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/Makefile b/kubernetes/contrib/components/awx/Makefile
deleted file mode 100644
index ef273d0e9b..0000000000
--- a/kubernetes/contrib/components/awx/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts docker
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/contrib/components/awx/components/Makefile b/kubernetes/contrib/components/awx/components/Makefile
deleted file mode 100644
index 79ba2fb47e..0000000000
--- a/kubernetes/contrib/components/awx/components/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml
deleted file mode 100755
index 7d6045642f..0000000000
--- a/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2019 Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Ansible AWX database
-name: awx-postgres
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/NOTES.txt b/kubernetes/contrib/components/awx/components/awx-postgres/templates/NOTES.txt
deleted file mode 100755
index 3ab092e848..0000000000
--- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml
deleted file mode 100755
index 61c0457712..0000000000
--- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml
+++ /dev/null
@@ -1,89 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- readinessProbe:
- exec:
- command:
- - /bin/sh
- - -i
- - -c
- - psql -h 127.0.0.1 -U $POSTGRES_USER -q -d {{ .Values.config.postgresDB }}
- -c 'SELECT 1'
- initialDelaySeconds: 5
- timeoutSeconds: 1
- env:
- - name: POSTGRES_USER
- value: "{{ .Values.config.postgresUser }}"
- - name: POSTGRES_PASSWORD
- value: "{{ .Values.config.postgresPassword }}"
- - name: POSTGRES_DB
- value: "{{ .Values.config.postgresDB }}"
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/postgresql/
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- {{- if .Values.persistence.enabled }}
- - name: {{ include "common.fullname" . }}-data
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/pv.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/pv.yaml
deleted file mode 100755
index bfe63abafe..0000000000
--- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/pv.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/pvc.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/pvc.yaml
deleted file mode 100755
index e12dabf175..0000000000
--- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/pvc.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- end -}}
diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/templates/service.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/service.yaml
deleted file mode 100755
index f560417425..0000000000
--- a/kubernetes/contrib/components/awx/components/awx-postgres/templates/service.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml
deleted file mode 100755
index a6dc5ff90a..0000000000
--- a/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml
+++ /dev/null
@@ -1,88 +0,0 @@
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for mariadb.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-global: # global defaults
- nodePortPrefixExt: 304
- persistence: {}
-
-# application image
-image: postgres:10.4-alpine
-pullPolicy: Always
-
-# application configuration
-config:
- postgresUser: awx
- postgresPassword: awx
- postgresDB: awx
-
-ingress:
- enabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
-
- # Uncomment the storageClass parameter to use an existing PV
- # that will match the following class.
- # When uncomment the storageClass, the PV is not created anymore.
-
- # storageClass: "nfs-dev-sc"
-
- accessMode: ReadWriteOnce
- size: 1Gi
-
- # When using storage class, mountPath and mountSubPath are
- # simply ignored.
-
- mountPath: /dockerdata-nfs
- mountSubPath: awx/pgdata
-
-service:
- type: ClusterIP
- name: awx-postgresql
- portName: tcp-postgresql
- internalPort: 5432
- externalPort: 5432
-
-resources: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: awx-postgres
- roles:
- - read
diff --git a/kubernetes/contrib/components/awx/resources/config/credentials.py b/kubernetes/contrib/components/awx/resources/config/credentials.py
deleted file mode 100644
index 85808d10d4..0000000000
--- a/kubernetes/contrib/components/awx/resources/config/credentials.py
+++ /dev/null
@@ -1,38 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-DATABASES = {
- 'default': {
- 'ATOMIC_REQUESTS': True,
- 'ENGINE': 'awx.main.db.profiled_pg',
- 'NAME': "{{ .Values.config.postgresDB }}",
- 'USER': "{{ .Values.config.postgresUser }}",
- 'PASSWORD': "{{ .Values.config.postgresPassword }}",
- 'HOST': "awx-postgresql",
- 'PORT': "5432",
- }
-}
-BROKER_URL = 'amqp://{}:{}@{}:{}/{}'.format(
- "{{ .Values.config.rabbitmqUser }}",
- "{{ .Values.config.rabbitmqPassword }}",
- "localhost",
- "5672",
- "{{ .Values.config.rabbitmqVhost }}")
-CHANNEL_LAYERS = {
- 'default': {'BACKEND': 'asgi_amqp.AMQPChannelLayer',
- 'ROUTING': 'awx.main.routing.channel_routing',
- 'CONFIG': {'url': BROKER_URL}}
-} \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/resources/config/environment.sh b/kubernetes/contrib/components/awx/resources/config/environment.sh
deleted file mode 100644
index cbfe2857ba..0000000000
--- a/kubernetes/contrib/components/awx/resources/config/environment.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-DATABASE_USER={{ .Values.config.postgresUser }}
-DATABASE_NAME={{ .Values.config.postgresDB }}
-DATABASE_HOST=awx-postgresql
-DATABASE_PORT=5432
-DATABASE_PASSWORD={{ .Values.config.postgresPassword }}
-MEMCACHED_HOST=localhost
-RABBITMQ_HOST=localhost
-AWX_ADMIN_USER={{ .Values.config.awxAdminUser }}
-AWX_ADMIN_PASSWORD={{ .Values.config.awxAdminPassword }} \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/templates/configmap.yaml b/kubernetes/contrib/components/awx/templates/configmap.yaml
deleted file mode 100644
index 59900f1c64..0000000000
--- a/kubernetes/contrib/components/awx/templates/configmap.yaml
+++ /dev/null
@@ -1,238 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-init-mgnt
- namespace: {{ include "common.namespace" . }}
-data:
- entrypoint: |
- #/bin/sh
-
- awx-manage migrate --noinput
- if [[ `echo 'from django.contrib.auth.models import User; nsu = User.objects.filter(is_superuser=True).count(); exit(0 if nsu > 0 else 1)' | awx-manage shell` > 0 ]]
- then
- echo 'from django.contrib.auth.models import User; User.objects.create_superuser('{{ .Values.config.awxAdminUser }}', '{{ .Values.config.awxAdminEmail }}', '{{ .Values.config.awxAdminPassword }}')' | awx-manage shell
- awx-manage update_password --username='{{ .Values.config.awxAdminUser }}' --password='{{ .Values.config.awxAdminPassword }}'
- fi
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-settings
- namespace: {{ include "common.namespace" . }}
-data:
- awx_settings: |
- import os
- import socket
- ADMINS = ()
-
- AWX_PROOT_ENABLED = True
-
- # Automatically deprovision pods that go offline
- AWX_AUTO_DEPROVISION_INSTANCES = True
-
- SYSTEM_TASK_ABS_CPU = 6
- SYSTEM_TASK_ABS_MEM = 20
-
- INSIGHTS_URL_BASE = "https://example.org"
-
- #Autoprovisioning should replace this
- CLUSTER_HOST_ID = socket.gethostname()
- SYSTEM_UUID = '00000000-0000-0000-0000-000000000000'
-
- SESSION_COOKIE_SECURE = False
- CSRF_COOKIE_SECURE = False
-
- REMOTE_HOST_HEADERS = ['HTTP_X_FORWARDED_FOR']
-
- STATIC_ROOT = '/var/lib/awx/public/static'
- PROJECTS_ROOT = '/var/lib/awx/projects'
- JOBOUTPUT_ROOT = '/var/lib/awx/job_status'
- SECRET_KEY = open('/etc/tower/SECRET_KEY', 'rb').read().strip()
- ALLOWED_HOSTS = ['*']
- INTERNAL_API_URL = 'http://127.0.0.1:8052'
- SERVER_EMAIL = 'root@localhost'
- DEFAULT_FROM_EMAIL = 'webmaster@localhost'
- EMAIL_SUBJECT_PREFIX = '[AWX] '
- EMAIL_HOST = 'localhost'
- EMAIL_PORT = 25
- EMAIL_HOST_USER = ''
- EMAIL_HOST_PASSWORD = ''
- EMAIL_USE_TLS = False
-
- LOGGING['handlers']['console'] = {
- '()': 'logging.StreamHandler',
- 'level': 'DEBUG',
- 'formatter': 'simple',
- }
-
- LOGGING['loggers']['django.request']['handlers'] = ['console']
- LOGGING['loggers']['rest_framework.request']['handlers'] = ['console']
- LOGGING['loggers']['awx']['handlers'] = ['console']
- LOGGING['loggers']['awx.main.commands.run_callback_receiver']['handlers'] = ['console']
- LOGGING['loggers']['awx.main.commands.inventory_import']['handlers'] = ['console']
- LOGGING['loggers']['awx.main.tasks']['handlers'] = ['console']
- LOGGING['loggers']['awx.main.scheduler']['handlers'] = ['console']
- LOGGING['loggers']['django_auth_ldap']['handlers'] = ['console']
- LOGGING['loggers']['social']['handlers'] = ['console']
- LOGGING['loggers']['system_tracking_migrations']['handlers'] = ['console']
- LOGGING['loggers']['rbac_migrations']['handlers'] = ['console']
- LOGGING['loggers']['awx.isolated.manager.playbooks']['handlers'] = ['console']
- LOGGING['handlers']['callback_receiver'] = {'class': 'logging.NullHandler'}
- LOGGING['handlers']['task_system'] = {'class': 'logging.NullHandler'}
- LOGGING['handlers']['tower_warnings'] = {'class': 'logging.NullHandler'}
- LOGGING['handlers']['rbac_migrations'] = {'class': 'logging.NullHandler'}
- LOGGING['handlers']['system_tracking_migrations'] = {'class': 'logging.NullHandler'}
- LOGGING['handlers']['management_playbooks'] = {'class': 'logging.NullHandler'}
-
- CACHES = {
- 'default': {
- 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
- 'LOCATION': '{}:{}'.format("localhost", "11211")
- },
- 'ephemeral': {
- 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
- },
- }
-
- USE_X_FORWARDED_PORT = True
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-rabbitmq
- namespace: {{ include "common.namespace" . }}
-data:
- enabled_plugins: |
- [rabbitmq_management,rabbitmq_peer_discovery_k8s].
- rabbitmq.conf: |
- ## Clustering
- management.load_definitions = /etc/rabbitmq/rabbitmq_definitions.json
- cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
- cluster_formation.k8s.host = kubernetes.default.svc
- cluster_formation.k8s.address_type = ip
- cluster_formation.node_cleanup.interval = 10
- cluster_formation.node_cleanup.only_log_warning = false
- cluster_partition_handling = autoheal
- ## queue master locator
- queue_master_locator=min-masters
- ## enable guest user
- loopback_users.guest = false
- rabbitmq_definitions.json: |
- {
- "users":[{"name": "{{ .Values.config.rabbitmqUser }}", "password": "{{ .Values.config.rabbitmqPassword }}", "tags": ""}],
- "permissions":[
- {"user":"{{ .Values.config.rabbitmqUser }}","vhost":"{{ .Values.config.rabbitmqVhost }}","configure":".*","write":".*","read":".*"}
- ],
- "vhosts":[{"name":"{{ .Values.config.rabbitmqVhost }}"}],
- "policies":[
- {"vhost":"{{ .Values.config.rabbitmqVhost }}","name":"ha-all","pattern":".*","definition":{"ha-mode":"all","ha-sync-mode":"automatic"}}
- ]
- }
----
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-nginx-conf
- namespace: {{ include "common.namespace" . }}
- labels:
- app.kubernetes.io/name: {{ include "common.name" . }}
- helm.sh/chart: {{ include "common.chart" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
-data:
- nginx.conf: |
- worker_processes 1;
- pid /tmp/nginx.pid;
- events {
- worker_connections 1024;
- }
- http {
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
- server_tokens off;
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
- access_log /dev/stdout main;
- map $http_upgrade $connection_upgrade {
- default upgrade;
- '' close;
- }
- sendfile on;
- #tcp_nopush on;
- #gzip on;
- upstream uwsgi {
- server 127.0.0.1:8050;
- }
- upstream daphne {
- server 127.0.0.1:8051;
- }
- server {
- listen 8052 default_server;
- # If you have a domain name, this is where to add it
- server_name _;
- keepalive_timeout 65;
- # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
- add_header Strict-Transport-Security max-age=15768000;
- add_header Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/";
- add_header X-Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/";
- # Protect against click-jacking https://www.owasp.org/index.php/Testing_for_Clickjacking_(OTG-CLIENT-009)
- add_header X-Frame-Options "DENY";
- location /nginx_status {
- stub_status on;
- access_log off;
- allow 127.0.0.1;
- deny all;
- }
- location /static/ {
- alias /var/lib/awx/public/static/;
- }
- location /favicon.ico { alias /var/lib/awx/public/static/favicon.ico; }
- location /websocket {
- # Pass request to the upstream alias
- proxy_pass http://daphne;
- # Require http version 1.1 to allow for upgrade requests
- proxy_http_version 1.1;
- # We want proxy_buffering off for proxying to websockets.
- proxy_buffering off;
- # http://en.wikipedia.org/wiki/X-Forwarded-For
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- # enable this if you use HTTPS:
- proxy_set_header X-Forwarded-Proto https;
- # pass the Host: header from the client for the sake of redirects
- proxy_set_header Host $http_host;
- # We've set the Host header, so we don't need Nginx to muddle
- # about with redirects
- proxy_redirect off;
- # Depending on the request value, set the Upgrade and
- # connection headers
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- }
- location / {
- # Add trailing / if missing
- rewrite ^(.*)$http_host(.*[^/])$ $1$http_host$2/ permanent;
- uwsgi_read_timeout 120s;
- uwsgi_pass uwsgi;
- include /etc/nginx/uwsgi_params;
- proxy_set_header X-Forwarded-Port 443;
- }
- }
- }
diff --git a/kubernetes/contrib/components/awx/templates/job.yaml b/kubernetes/contrib/components/awx/templates/job.yaml
deleted file mode 100644
index 1ebe340a68..0000000000
--- a/kubernetes/contrib/components/awx/templates/job.yaml
+++ /dev/null
@@ -1,130 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- backoffLimit: 5
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}-mgnt
- release: {{ include "common.release" . }}
- spec:
- serviceAccount: {{ include "common.fullname" . }}
- serviceAccountName: {{ include "common.fullname" . }}
- restartPolicy: Never
- initContainers:
- - name: {{ include "common.name" . }}-init-readiness
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /app/ready.py
- args:
- - --container-name
- - awx-postgres
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- containers:
- - name: {{ include "common.name" . }}-mgnt
- command:
- - /bin/sh
- - -cx
- - |
- {{- if include "common.onServiceMesh" . }}
- echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
- /etc/tower/job-entrypoint.sh
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- resources:
- requests:
- cpu: 1500m
- memory: 2Gi
- securityContext:
- privileged: true
- volumeMounts:
- - mountPath: /etc/tower/job-entrypoint.sh
- name: awx-mgnt
- readOnly: true
- subPath: job-entrypoint.py
- - mountPath: /etc/tower/settings.py
- name: awx-application-config
- readOnly: true
- subPath: settings.py
- - mountPath: /etc/tower/conf.d/
- name: awx-application-credentials
- readOnly: true
- - mountPath: /etc/tower/SECRET_KEY
- name: awx-secret-key
- readOnly: true
- subPath: SECRET_KEY
- {{ include "common.waitForJobContainer" . | indent 6 | trim }}
- volumes:
- - configMap:
- defaultMode: 0777
- items:
- - key: entrypoint
- path: job-entrypoint.py
- name: {{ include "common.fullname" . }}-init-mgnt
- name: awx-mgnt
- - configMap:
- defaultMode: 420
- items:
- - key: awx_settings
- path: settings.py
- name: {{ include "common.fullname" . }}-settings
- name: awx-application-config
- - name: awx-application-credentials
- secret:
- defaultMode: 420
- items:
- - key: credentials_py
- path: credentials.py
- - key: environment_sh
- path: environment.sh
- secretName: {{ include "common.fullname" . }}-secrets
- - name: awx-secret-key
- secret:
- defaultMode: 420
- items:
- - key: secret_key
- path: SECRET_KEY
- secretName: {{ include "common.fullname" . }}-secrets
- - configMap:
- defaultMode: 420
- items:
- - key: rabbitmq.conf
- path: rabbitmq.conf
- - key: enabled_plugins
- path: enabled_plugins
- - key: rabbitmq_definitions.json
- path: rabbitmq_definitions.json
- name: {{ include "common.fullname" . }}-rabbitmq
- name: rabbitmq-config
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/awx/templates/secret.yaml b/kubernetes/contrib/components/awx/templates/secret.yaml
deleted file mode 100644
index 642f779214..0000000000
--- a/kubernetes/contrib/components/awx/templates/secret.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
- name: {{ include "common.fullname" . }}-secrets
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
- credentials_py: {{ tpl (.Files.Get "resources/config/credentials.py") . | b64enc }}
- environment_sh: {{ tpl (.Files.Get "resources/config/environment.sh") . | b64enc }}
- rabbitmq_erlang_cookie: {{ .Values.config.rabbitmqErlangCookie | b64enc | quote }}
- secret_key: {{ .Values.config.secretKey | b64enc | quote }} \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/templates/service.yaml b/kubernetes/contrib/components/awx/templates/service.yaml
deleted file mode 100755
index 85ec8c8428..0000000000
--- a/kubernetes/contrib/components/awx/templates/service.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}-rmq-mgmt
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.rmqmgmt.type }}
- ports:
- - port: {{ .Values.service.rmqmgmt.externalPort }}
- targetPort: {{ .Values.service.rmqmgmt.internalPort }}
- name: {{ .Values.service.rmqmgmt.portName }}
- selector:
- app: {{ include "common.fullname" . }}
- release: {{ include "common.release" . }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}-web
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.web.type }}
- ports:
- - port: {{ .Values.service.web.externalPort }}
- targetPort: {{ .Values.service.web.internalPort }}
- name: {{ .Values.service.web.portName }}
- selector:
- app: {{ include "common.fullname" . }}
- release: {{ include "common.release" . }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}-rabbitmq
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- type: LoadBalancer
-spec:
- type: {{ .Values.service.rabbitmq.type }}
- ports:
- - port: {{ .Values.service.rabbitmq.http.externalPort }}
- targetPort: {{ .Values.service.rabbitmq.http.internalPort }}
- name: {{ .Values.service.rabbitmq.http.portName }}
- - port: {{ .Values.service.rabbitmq.amqp.externalPort }}
- targetPort: {{ .Values.service.rabbitmq.amqp.internalPort }}
- name: {{ .Values.service.rabbitmq.amqp.portName }}
- selector:
- app: {{ include "common.fullname" . }}
- release: {{ include "common.release" . }} \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/templates/serviceaccount.yaml b/kubernetes/contrib/components/awx/templates/serviceaccount.yaml
deleted file mode 100644
index 15baf0e308..0000000000
--- a/kubernetes/contrib/components/awx/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "common.fullname" . }}-endpoint-reader
- namespace: {{ include "common.namespace" . }}
-rules:
-- apiGroups: ["", "extensions", "apps", "batch"]
- resources: ["endpoints", "deployments", "pods", "replicasets/status", "jobs/status"]
- verbs: ["get", "list"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "common.fullname" . }}-endpoint-reader
- namespace: {{ include "common.namespace" . }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "common.fullname" . }}-endpoint-reader
-subjects:
-- kind: ServiceAccount
- name: {{ include "common.fullname" . }} \ No newline at end of file
diff --git a/kubernetes/contrib/components/awx/templates/statefulset.yaml b/kubernetes/contrib/components/awx/templates/statefulset.yaml
deleted file mode 100644
index 1f2c093742..0000000000
--- a/kubernetes/contrib/components/awx/templates/statefulset.yaml
+++ /dev/null
@@ -1,227 +0,0 @@
-{{/*
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- podManagementPolicy: OrderedReady
- replicas: {{ .Values.replicaCount }}
- serviceName: {{ include "common.fullname" . }}
- selector:
- matchLabels:
- app: {{ include "common.fullname" . }}
- name: {{ include "common.name" . }}-web-deploy
- service: django
- template:
- metadata:
- labels:
- app: {{ include "common.fullname" . }}
- name: {{ include "common.name" . }}-web-deploy
- release: {{ include "common.release" . }}
- service: django
- spec:
-
- initContainers:
- - name: {{ include "common.name" . }}-init-readiness
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /app/ready.py
- args:
- - --container-name
- - {{ include "common.name" . }}-mgnt
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
-
- containers:
-
- - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.web }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-web
- ports:
- - containerPort: {{ .Values.service.web.internalPort }}
- protocol: TCP
- resources:
- requests:
- cpu: 500m
- memory: 1Gi
- volumeMounts:
- - mountPath: /etc/tower/settings.py
- name: awx-application-config
- readOnly: true
- subPath: settings.py
- - mountPath: /etc/tower/conf.d/
- name: awx-application-credentials
- readOnly: true
- - mountPath: /etc/tower/SECRET_KEY
- name: awx-secret-key
- readOnly: true
- subPath: SECRET_KEY
- - mountPath: /etc/nginx/nginx.conf
- name: awx-nginx-conf
- subPath: "nginx.conf"
-
- - command: ["/bin/sh","-c"]
- args: ["/usr/bin/launch_awx_task.sh"]
- env:
- - name: AWX_SKIP_MIGRATIONS
- value: "1"
-
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-celery
- resources:
- requests:
- cpu: 1500m
- memory: 2Gi
- securityContext:
- privileged: true
- volumeMounts:
- - mountPath: /etc/tower/settings.py
- name: awx-application-config
- readOnly: true
- subPath: settings.py
- - mountPath: /etc/tower/conf.d/
- name: awx-application-credentials
- readOnly: true
- - mountPath: /etc/tower/SECRET_KEY
- name: awx-secret-key
- readOnly: true
- subPath: SECRET_KEY
- - mountPath: /etc/nginx/nginx.conf
- name: awx-nginx-conf
- subPath: "nginx.conf"
- - env:
- - name: MY_POD_IP
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: status.podIP
- - name: RABBITMQ_USE_LONGNAME
- value: "true"
- - name: RABBITMQ_NODENAME
- value: rabbit@$(MY_POD_IP)
- - name: RABBITMQ_ERLANG_COOKIE
- valueFrom:
- secretKeyRef:
- key: rabbitmq_erlang_cookie
- name: {{ include "common.fullname" . }}-secrets
- - name: K8S_SERVICE_NAME
- value: {{ include "common.servicename" . }}-rabbitmq
-
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.rabbitmq }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-rabbit
- livenessProbe:
- exec:
- command:
- - rabbitmqctl
- - status
- failureThreshold: 3
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- successThreshold: 1
- timeoutSeconds: 10
- ports:
- - containerPort: {{ .Values.service.rabbitmq.http.internalPort }}
- name: {{ .Values.service.rabbitmq.http.portName }}
- protocol: TCP
- - containerPort: {{ .Values.service.rabbitmq.amqp.internalPort }}
- name: {{ .Values.service.rabbitmq.amqp.portName }}
- protocol: TCP
- readinessProbe:
- exec:
- command:
- - rabbitmqctl
- - status
- failureThreshold: 3
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- successThreshold: 1
- timeoutSeconds: 10
- resources:
- requests:
- cpu: 500m
- memory: 2Gi
- volumeMounts:
- - mountPath: /etc/rabbitmq
- name: rabbitmq-config
-
- - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.memcached }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-memcached
- resources:
- requests:
- cpu: 500m
- memory: 1Gi
- serviceAccount: {{ include "common.fullname" . }}
- serviceAccountName: {{ include "common.fullname" . }}
- volumes:
- - configMap:
- defaultMode: 420
- items:
- - key: awx_settings
- path: settings.py
- name: {{ include "common.fullname" . }}-settings
- name: awx-application-config
- - name: awx-application-credentials
- secret:
- defaultMode: 420
- items:
- - key: credentials_py
- path: credentials.py
- - key: environment_sh
- path: environment.sh
- secretName: {{ include "common.fullname" . }}-secrets
- - name: awx-secret-key
- secret:
- defaultMode: 420
- items:
- - key: secret_key
- path: SECRET_KEY
- secretName: {{ include "common.fullname" . }}-secrets
- - configMap:
- defaultMode: 420
- items:
- - key: rabbitmq.conf
- path: rabbitmq.conf
- - key: enabled_plugins
- path: enabled_plugins
- - key: rabbitmq_definitions.json
- path: rabbitmq_definitions.json
- name: {{ include "common.fullname" . }}-rabbitmq
- name: rabbitmq-config
- - configMap:
- defaultMode: 420
- items:
- - key: nginx.conf
- path: nginx.conf
- name: {{ include "common.fullname" . }}-nginx-conf
- name: awx-nginx-conf
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml
deleted file mode 100755
index c30999fa6d..0000000000
--- a/kubernetes/contrib/components/awx/values.yaml
+++ /dev/null
@@ -1,120 +0,0 @@
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for mariadb.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-global: # global defaults
- nodePortPrefixExt: 304
- commonConfigPrefix: awx
- persistence: {}
-
-# application image
-image:
- web: ansible/awx_web:9.0.1
- task: ansible/awx_task:9.0.1
- rabbitmq: ansible/awx_rabbitmq:3.7.4
- memcached: memcached:1.5.20
-pullPolicy: Always
-
-# application configuration
-config:
- postgresUser: awx
- postgresPassword: awx
- postgresDB: awx
-# RabbitMQ Configuration
- rabbitmqUser: awx
- rabbitmqPassword: awxpass
- rabbitmqVhost: awx
- rabbitmqErlangCookie: cookiemonster3
-# This will create or update a default admin (superuser) account in AWX, if not provided
-# then these default values are used
- awxAdminUser: admin
- awxAdminPassword: password
- awxAdminEmail: cds@onap.org
-# AWX Secret key
-# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt
-# your credentials
- secretKey: awxsecret
-
-ingress:
- enabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- enabled: true
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
-
- # Uncomment the storageClass parameter to use an existing PV
- # that will match the following class.
- # When uncomment the storageClass, the PV is not created anymore.
-
- # storageClass: "nfs-dev-sc"
-
- accessMode: ReadWriteOnce
- size: 5Gi
-
- # When using storage class, mountPath and mountSubPath are
- # simply ignored.
-
- mountPath: /dockerdata-nfs
- mountSubPath: awx/pgdata
-
-service:
- rmqmgmt:
- type: ClusterIP
- portName: http-rmqmgmt
- internalPort: 15672
- externalPort: 15672
- web:
- type: ClusterIP
- portName: http-web
- internalPort: 8052
- externalPort: 8052
- rabbitmq:
- type: ClusterIP
- http:
- portName: http-rmq
- internalPort: 15672
- externalPort: 15672
- amqp:
- portName: tcp-amqp
- internalPort: 5672
- externalPort: 5672
-
-resources: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: awx
- roles:
- - read
-
-wait_for_job_container:
- containers:
- - '{{ include "common.name" . }}-mgnt'
diff --git a/kubernetes/contrib/components/ejbca/Chart.yaml b/kubernetes/contrib/components/ejbca/Chart.yaml
deleted file mode 100644
index 5c7ec253ed..0000000000
--- a/kubernetes/contrib/components/ejbca/Chart.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-# Copyright © 2020 Nokia
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP EJBCA test server
-name: ejbca
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: mariadb-galera
- version: ~12.x-0
- repository: '@local'
- condition: global.mariadbGalera.localCluster
- - name: mariadb-init
- version: ~12.x-0
- repository: '@local'
- condition: global.mariadbGalera.globalCluster
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: cmpv2Config
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local' \ No newline at end of file
diff --git a/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml b/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml
deleted file mode 100644
index e163aed82a..0000000000
--- a/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml
+++ /dev/null
@@ -1,595 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<java version="1.8.0_242" class="java.beans.XMLDecoder">
- <object class="java.util.LinkedHashMap">
- <void method="put">
- <string>version</string>
- <float>46.0</float>
- </void>
- <void method="put">
- <string>type</string>
- <int>1</int>
- </void>
- <void method="put">
- <string>certversion</string>
- <string>X509v3</string>
- </void>
- <void method="put">
- <string>encodedvalidity</string>
- <string>2y</string>
- </void>
- <void method="put">
- <string>usecertificatevalidityoffset</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>certificatevalidityoffset</string>
- <string>-10m</string>
- </void>
- <void method="put">
- <string>useexpirationrestrictionforweekdays</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>expirationrestrictionforweekdaysbefore</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>expirationrestrictionweekdays</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <boolean>true</boolean>
- </void>
- <void method="add">
- <boolean>true</boolean>
- </void>
- <void method="add">
- <boolean>false</boolean>
- </void>
- <void method="add">
- <boolean>false</boolean>
- </void>
- <void method="add">
- <boolean>false</boolean>
- </void>
- <void method="add">
- <boolean>true</boolean>
- </void>
- <void method="add">
- <boolean>true</boolean>
- </void>
- </object>
- </void>
- <void method="put">
- <string>allowvalidityoverride</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>allowextensionoverride</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>allowdnoverride</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>allowdnoverridebyeei</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>allowbackdatedrevokation</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usecertificatestorage</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>storecertificatedata</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>storesubjectaltname</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>usebasicconstrants</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>basicconstraintscritical</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>usesubjectkeyidentifier</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>subjectkeyidentifiercritical</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useauthoritykeyidentifier</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>authoritykeyidentifiercritical</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usesubjectalternativename</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>subjectalternativenamecritical</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useissueralternativename</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>issueralternativenamecritical</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usecrldistributionpoint</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usedefaultcrldistributionpoint</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>crldistributionpointcritical</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>crldistributionpointuri</string>
- <string></string>
- </void>
- <void method="put">
- <string>usefreshestcrl</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usecadefinedfreshestcrl</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>freshestcrluri</string>
- <string></string>
- </void>
- <void method="put">
- <string>crlissuer</string>
- <string></string>
- </void>
- <void method="put">
- <string>usecertificatepolicies</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>certificatepoliciescritical</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>certificatepolicies</string>
- <object class="java.util.ArrayList"/>
- </void>
- <void method="put">
- <string>availablekeyalgorithms</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <string>DSA</string>
- </void>
- <void method="add">
- <string>ECDSA</string>
- </void>
- <void method="add">
- <string>RSA</string>
- </void>
- </object>
- </void>
- <void method="put">
- <string>availableeccurves</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <string>ANY_EC_CURVE</string>
- </void>
- </object>
- </void>
- <void method="put">
- <string>availablebitlengths</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>192</int>
- </void>
- <void method="add">
- <int>224</int>
- </void>
- <void method="add">
- <int>239</int>
- </void>
- <void method="add">
- <int>256</int>
- </void>
- <void method="add">
- <int>384</int>
- </void>
- <void method="add">
- <int>512</int>
- </void>
- <void method="add">
- <int>521</int>
- </void>
- <void method="add">
- <int>1024</int>
- </void>
- <void method="add">
- <int>1536</int>
- </void>
- <void method="add">
- <int>2048</int>
- </void>
- <void method="add">
- <int>3072</int>
- </void>
- <void method="add">
- <int>4096</int>
- </void>
- <void method="add">
- <int>6144</int>
- </void>
- <void method="add">
- <int>8192</int>
- </void>
- </object>
- </void>
- <void method="put">
- <string>minimumavailablebitlength</string>
- <int>0</int>
- </void>
- <void method="put">
- <string>maximumavailablebitlength</string>
- <int>8192</int>
- </void>
- <void method="put">
- <string>signaturealgorithm</string>
- <null/>
- </void>
- <void method="put">
- <string>usekeyusage</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>keyusage</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <boolean>true</boolean>
- </void>
- <void method="add">
- <boolean>true</boolean>
- </void>
- <void method="add">
- <boolean>true</boolean>
- </void>
- <void method="add">
- <boolean>false</boolean>
- </void>
- <void method="add">
- <boolean>false</boolean>
- </void>
- <void method="add">
- <boolean>false</boolean>
- </void>
- <void method="add">
- <boolean>false</boolean>
- </void>
- <void method="add">
- <boolean>false</boolean>
- </void>
- <void method="add">
- <boolean>false</boolean>
- </void>
- </object>
- </void>
- <void method="put">
- <string>allowkeyusageoverride</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>keyusagecritical</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>useextendedkeyusage</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>extendedkeyusage</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <string>1.3.6.1.5.5.7.3.2</string>
- </void>
- <void method="add">
- <string>1.3.6.1.5.5.7.3.4</string>
- </void>
- <void method="add">
- <string>1.3.6.1.5.5.7.3.1</string>
- </void>
- </object>
- </void>
- <void method="put">
- <string>extendedkeyusagecritical</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usedocumenttypelist</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>documenttypelistcritical</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>documenttypelist</string>
- <object class="java.util.ArrayList"/>
- </void>
- <void method="put">
- <string>availablecas</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <int>-1</int>
- </void>
- </object>
- </void>
- <void method="put">
- <string>usedpublishers</string>
- <object class="java.util.ArrayList"/>
- </void>
- <void method="put">
- <string>useocspnocheck</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useldapdnorder</string>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>usecustomdnorder</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usemicrosofttemplate</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>microsofttemplate</string>
- <string></string>
- </void>
- <void method="put">
- <string>usecardnumber</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usecnpostfix</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>cnpostfix</string>
- <string></string>
- </void>
- <void method="put">
- <string>usesubjectdnsubset</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>subjectdnsubset</string>
- <object class="java.util.ArrayList"/>
- </void>
- <void method="put">
- <string>usesubjectaltnamesubset</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>subjectaltnamesubset</string>
- <object class="java.util.ArrayList"/>
- </void>
- <void method="put">
- <string>usepathlengthconstraint</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>pathlengthconstraint</string>
- <int>0</int>
- </void>
- <void method="put">
- <string>useqcstatement</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usepkixqcsyntaxv2</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useqcstatementcritical</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useqcstatementraname</string>
- <string></string>
- </void>
- <void method="put">
- <string>useqcsematicsid</string>
- <string></string>
- </void>
- <void method="put">
- <string>useqcetsiqccompliance</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useqcetsisignaturedevice</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useqcetsivaluelimit</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>qcetsivaluelimit</string>
- <int>0</int>
- </void>
- <void method="put">
- <string>qcetsivaluelimitexp</string>
- <int>0</int>
- </void>
- <void method="put">
- <string>qcetsivaluelimitcurrency</string>
- <string></string>
- </void>
- <void method="put">
- <string>useqcetsiretentionperiod</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>qcetsiretentionperiod</string>
- <int>0</int>
- </void>
- <void method="put">
- <string>useqccustomstring</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>qccustomstringoid</string>
- <string></string>
- </void>
- <void method="put">
- <string>qccustomstringtext</string>
- <string></string>
- </void>
- <void method="put">
- <string>qcetsipds</string>
- <null/>
- </void>
- <void method="put">
- <string>qcetsitype</string>
- <null/>
- </void>
- <void method="put">
- <string>usecertificatetransparencyincerts</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usecertificatetransparencyinocsp</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usecertificatetransparencyinpublisher</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usesubjectdirattributes</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usenameconstraints</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useauthorityinformationaccess</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>caissuers</string>
- <object class="java.util.ArrayList"/>
- </void>
- <void method="put">
- <string>usedefaultcaissuer</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usedefaultocspservicelocator</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>ocspservicelocatoruri</string>
- <string></string>
- </void>
- <void method="put">
- <string>cvcaccessrights</string>
- <int>3</int>
- </void>
- <void method="put">
- <string>usedcertificateextensions</string>
- <object class="java.util.ArrayList"/>
- </void>
- <void method="put">
- <string>approvals</string>
- <object class="java.util.LinkedHashMap">
- <void method="put">
- <object class="java.lang.Enum" method="valueOf">
- <class>org.cesecore.certificates.ca.ApprovalRequestType</class>
- <string>REVOCATION</string>
- </object>
- <int>-1</int>
- </void>
- <void method="put">
- <object class="java.lang.Enum" method="valueOf">
- <class>org.cesecore.certificates.ca.ApprovalRequestType</class>
- <string>KEYRECOVER</string>
- </object>
- <int>-1</int>
- </void>
- <void method="put">
- <object class="java.lang.Enum" method="valueOf">
- <class>org.cesecore.certificates.ca.ApprovalRequestType</class>
- <string>ADDEDITENDENTITY</string>
- </object>
- <int>-1</int>
- </void>
- </object>
- </void>
- <void method="put">
- <string>useprivkeyusageperiodnotbefore</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useprivkeyusageperiod</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>useprivkeyusageperiodnotafter</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>privkeyusageperiodstartoffset</string>
- <long>0</long>
- </void>
- <void method="put">
- <string>privkeyusageperiodlength</string>
- <long>63072000</long>
- </void>
- <void method="put">
- <string>usesingleactivecertificateconstraint</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>overridableextensionoids</string>
- <object class="java.util.LinkedHashSet"/>
- </void>
- <void method="put">
- <string>nonoverridableextensionoids</string>
- <object class="java.util.LinkedHashSet"/>
- </void>
- <void method="put">
- <string>allowcertsnoverride</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>usecustomdnorderldap</string>
- <boolean>false</boolean>
- </void>
- </object>
-</java>
diff --git a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh
deleted file mode 100755
index a538238151..0000000000
--- a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/sh
-
-waitForEjbcaToStart() {
- until $(curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth --output /dev/null --silent --head --fail)
- do
- sleep 5
- done
-}
-
-configureEjbca() {
- ejbca.sh ca init \
- --caname ManagementCA \
- --dn "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345" \
- --tokenType soft \
- --keyspec 3072 \
- --keytype RSA \
- -v 3652 \
- --policy null \
- -s SHA256WithRSA \
- -type "x509"
- ejbca.sh config cmp addalias --alias cmpRA
- ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra
- ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value ${RA_IAK}
- ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value signature
- ejbca.sh config cmp updatealias --alias cmpRA --key authenticationmodule --value 'HMAC;EndEntityCertificate'
- ejbca.sh config cmp updatealias --alias cmpRA --key authenticationparameters --value '-;ManagementCA'
- ejbca.sh config cmp updatealias --alias cmpRA --key allowautomatickeyupdate --value true
- #Custom EJBCA cert profile and endentity are imported to allow issuing certificates with correct extended usage (containing serverAuth)
- ejbca.sh ca importprofiles -d /opt/primekey/custom_profiles
- #Profile name taken from certprofile filename (certprofile_<profile-name>-<id>.xml)
- ejbca.sh config cmp updatealias --alias cmpRA --key ra.certificateprofile --value CUSTOM_ENDUSER
- #ID taken from entityprofile filename (entityprofile_<profile-name>-<id>.xml)
- ejbca.sh config cmp updatealias --alias cmpRA --key ra.endentityprofileid --value 1356531849
- caSubject=$(ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout | grep 'Subject' | sed -e "s/^Subject: //" | sed -n '1p')
- ejbca.sh config cmp updatealias --alias cmpRA --key defaultca --value "$caSubject"
- ejbca.sh config cmp dumpalias --alias cmpRA
- ejbca.sh config cmp addalias --alias cmp
- ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true
- ejbca.sh config cmp updatealias --alias cmp --key responseprotection --value pbe
- ejbca.sh ra addendentity --username Node123 --dn "CN=Node123" --caname ManagementCA --password ${CLIENT_IAK} --type 1 --token USERGENERATED
- ejbca.sh ra setclearpwd --username Node123 --password ${CLIENT_IAK}
- ejbca.sh config cmp updatealias --alias cmp --key extractusernamecomponent --value CN
- ejbca.sh config cmp dumpalias --alias cmp
- ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout > cacert.pem
- #Add "Certificate Update Admin" role to allow performing KUR/CR for certs within specific organization (e.g. Linux-Foundation)
- ejbca.sh roles addrole "Certificate Update Admin"
- ejbca.sh roles changerule "Certificate Update Admin" /ca/ManagementCA/ ACCEPT
- ejbca.sh roles changerule "Certificate Update Admin" /ca_functionality/create_certificate/ ACCEPT
- ejbca.sh roles changerule "Certificate Update Admin" /endentityprofilesrules/Custom_EndEntity/ ACCEPT
- ejbca.sh roles changerule "Certificate Update Admin" /ra_functionality/edit_end_entity/ ACCEPT
- ejbca.sh roles addrolemember "Certificate Update Admin" ManagementCA WITH_ORGANIZATION --value "{{ .Values.cmpv2Config.global.certificate.default.subject.organization }}"
- # workarround to exit successfully, as a reexecution of "addrolemember" returns an error
- exit 0
-}
-
-
-waitForEjbcaToStart
-configureEjbca
diff --git a/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml b/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml
deleted file mode 100644
index ec51a80d5e..0000000000
--- a/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml
+++ /dev/null
@@ -1,1107 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<java version="1.8.0_242" class="java.beans.XMLDecoder">
- <object class="java.util.LinkedHashMap">
- <void method="put">
- <string>version</string>
- <float>14.0</float>
- </void>
- <void method="put">
- <string>NUMBERARRAY</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>3</int>
- </void>
- <void method="add">
- <int>3</int>
- </void>
- <void method="add">
- <int>3</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>3</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>1</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- <void method="add">
- <int>0</int>
- </void>
- </object>
- </void>
- <void method="put">
- <string>SUBJECTDNFIELDORDER</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <int>500</int>
- </void>
- <void method="add">
- <int>1100</int>
- </void>
- <void method="add">
- <int>1200</int>
- </void>
- <void method="add">
- <int>1300</int>
- </void>
- <void method="add">
- <int>1400</int>
- </void>
- <void method="add">
- <int>1600</int>
- </void>
- </object>
- </void>
- <void method="put">
- <string>SUBJECTALTNAMEFIELDORDER</string>
- <object class="java.util.ArrayList">
- <void method="add">
- <int>1800</int>
- </void>
- <void method="add">
- <int>1801</int>
- </void>
- <void method="add">
- <int>1802</int>
- </void>
- <void method="add">
- <int>1700</int>
- </void>
- <void method="add">
- <int>1701</int>
- </void>
- <void method="add">
- <int>1702</int>
- </void>
- <void method="add">
- <int>1900</int>
- </void>
- <void method="add">
- <int>1901</int>
- </void>
- <void method="add">
- <int>1902</int>
- </void>
- <void method="add">
- <int>2100</int>
- </void>
- <void method="add">
- <int>2101</int>
- </void>
- <void method="add">
- <int>2102</int>
- </void>
- </object>
- </void>
- <void method="put">
- <string>SUBJECTDIRATTRFIELDORDER</string>
- <object class="java.util.ArrayList"/>
- </void>
- <void method="put">
- <int>0</int>
- <string></string>
- </void>
- <void method="put">
- <int>20000</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10000</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30000</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>1</int>
- <string></string>
- </void>
- <void method="put">
- <int>20001</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10001</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30001</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>95</int>
- <string></string>
- </void>
- <void method="put">
- <int>20095</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10095</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30095</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>96</int>
- <string></string>
- </void>
- <void method="put">
- <int>20096</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10096</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30096</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>5</int>
- <string></string>
- </void>
- <void method="put">
- <int>20005</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10005</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30005</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>26</int>
- <string></string>
- </void>
- <void method="put">
- <int>20026</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10026</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30026</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>29</int>
- <string>1834889499</string>
- </void>
- <void method="put">
- <int>20029</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10029</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30029</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30</int>
- <string>1834889499</string>
- </void>
- <void method="put">
- <int>20030</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10030</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30030</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>31</int>
- <string>1</string>
- </void>
- <void method="put">
- <int>20031</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10031</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30031</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>32</int>
- <string>1;2;3;4</string>
- </void>
- <void method="put">
- <int>20032</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10032</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30032</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>33</int>
- <string></string>
- </void>
- <void method="put">
- <int>20033</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10033</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30033</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>34</int>
- <string></string>
- </void>
- <void method="put">
- <int>20034</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10034</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30034</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>38</int>
- <string>1</string>
- </void>
- <void method="put">
- <int>20038</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10038</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30038</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>37</int>
- <string>-29939301</string>
- </void>
- <void method="put">
- <int>20037</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10037</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30037</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>98</int>
- <string></string>
- </void>
- <void method="put">
- <int>20098</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10098</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30098</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>99</int>
- <string></string>
- </void>
- <void method="put">
- <int>20099</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10099</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30099</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>97</int>
- <string></string>
- </void>
- <void method="put">
- <int>20097</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10097</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30097</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>91</int>
- <string>false</string>
- </void>
- <void method="put">
- <int>20091</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10091</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30091</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>94</int>
- <string>-1</string>
- </void>
- <void method="put">
- <int>20094</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10094</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30094</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>93</int>
- <string>-1</string>
- </void>
- <void method="put">
- <int>20093</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10093</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30093</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>89</int>
- <string></string>
- </void>
- <void method="put">
- <int>20089</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10089</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30089</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>88</int>
- <string></string>
- </void>
- <void method="put">
- <int>20088</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10088</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30088</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <string>ALLOW_MERGEDN_WEBSERVICES</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>2</int>
- <string></string>
- </void>
- <void method="put">
- <int>20002</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10002</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10090</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>90</int>
- <string>0</string>
- </void>
- <void method="put">
- <string>REVERSEFFIELDCHECKS</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>28</int>
- <string>false</string>
- </void>
- <void method="put">
- <int>20028</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10028</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>REUSECERTIFICATE</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>35</int>
- <string>false</string>
- </void>
- <void method="put">
- <int>20035</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10035</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10092</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>USEEXTENSIONDATA</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>PRINTINGUSE</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>PRINTINGDEFAULT</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>PRINTINGREQUIRED</string>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <string>PRINTINGCOPIES</string>
- <int>1</int>
- </void>
- <void method="put">
- <string>PRINTINGPRINTERNAME</string>
- <string></string>
- </void>
- <void method="put">
- <string>PRINTINGSVGDATA</string>
- <string></string>
- </void>
- <void method="put">
- <string>PRINTINGSVGFILENAME</string>
- <string></string>
- </void>
- <void method="put">
- <int>11</int>
- <string></string>
- </void>
- <void method="put">
- <int>20011</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10011</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30011</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>12</int>
- <string></string>
- </void>
- <void method="put">
- <int>20012</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10012</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30012</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>13</int>
- <string></string>
- </void>
- <void method="put">
- <int>20013</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10013</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30013</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>14</int>
- <string></string>
- </void>
- <void method="put">
- <int>20014</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10014</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30014</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>16</int>
- <string></string>
- </void>
- <void method="put">
- <int>20016</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>10016</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30016</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>18</int>
- <string></string>
- </void>
- <void method="put">
- <int>20018</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10018</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30018</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>118</int>
- <string></string>
- </void>
- <void method="put">
- <int>20118</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10118</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30118</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>218</int>
- <string></string>
- </void>
- <void method="put">
- <int>20218</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10218</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30218</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>17</int>
- <string></string>
- </void>
- <void method="put">
- <int>20017</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10017</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30017</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>117</int>
- <string></string>
- </void>
- <void method="put">
- <int>20117</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10117</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30117</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>217</int>
- <string></string>
- </void>
- <void method="put">
- <int>20217</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10217</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>30217</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>19</int>
- <string></string>
- </void>
- <void method="put">
- <int>20019</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10019</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30019</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>119</int>
- <string></string>
- </void>
- <void method="put">
- <int>20119</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10119</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30119</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>219</int>
- <string></string>
- </void>
- <void method="put">
- <int>20219</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10219</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30219</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>21</int>
- <string></string>
- </void>
- <void method="put">
- <int>20021</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10021</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30021</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>121</int>
- <string></string>
- </void>
- <void method="put">
- <int>20121</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10121</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30121</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>221</int>
- <string></string>
- </void>
- <void method="put">
- <int>20221</int>
- <boolean>false</boolean>
- </void>
- <void method="put">
- <int>10221</int>
- <boolean>true</boolean>
- </void>
- <void method="put">
- <int>30221</int>
- <boolean>true</boolean>
- </void>
- </object>
-</java>
diff --git a/kubernetes/contrib/components/ejbca/templates/configmap.yaml b/kubernetes/contrib/components/ejbca/templates/configmap.yaml
deleted file mode 100644
index 093657dfe0..0000000000
--- a/kubernetes/contrib/components/ejbca/templates/configmap.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-{{/*
-# Copyright © 2020, Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: "{{ include "common.fullname" . }}-config-script"
-data:
-{{ tpl (.Files.Glob "resources/ejbca-config.sh").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: "{{ include "common.fullname" . }}-profiles"
-data:
-{{ tpl (.Files.Glob "resources/certprofile_CUSTOM_ENDUSER-1834889499.xml").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/entityprofile_Custom_EndEntity-1356531849.xml").AsConfig . | indent 2 }}
diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml
deleted file mode 100644
index a36dcacb23..0000000000
--- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml
+++ /dev/null
@@ -1,120 +0,0 @@
-{{/*
-# Copyright © 2020, Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector: {{- include "common.selectors" . | nindent 4 }}
- template:
- metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- {{- if (include "common.onServiceMesh" . ) }}
- annotations:
- {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
- linkerd.io/inject: disabled
- {{- end }}
- {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
- sidecar.istio.io/rewriteAppHTTPProbers: "false"
- proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }'
- {{- end }}
- {{- end }}
- spec:
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- initContainers:
- - name: {{ include "common.name" . }}-db-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- {{- if .Values.global.mariadbGalera.localCluster }}
- - ejbca-galera
- {{- else }}
- - ejbca-config
- {{- end }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- containers:
- - name: {{ include "common.name" . }}-ejbca
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.ejbca.image }}
- imagePullPolicy: {{ .Values.pullPolicy }}
- lifecycle:
- postStart:
- exec:
- command:
- - sh
- - -c
- - |
- sleep 60; /opt/primekey/scripts/ejbca-config.sh
- volumeMounts:
- - name: "{{ include "common.fullname" . }}-volume"
- mountPath: /opt/primekey/scripts/
- - name: "{{ include "common.fullname" . }}-profiles-volume"
- mountPath: /opt/primekey/custom_profiles/
- ports: {{ include "common.containerPorts" . | nindent 10 }}
- env:
- - name: INITIAL_ADMIN
- value: ";PublicAccessAuthenticationToken:TRANSPORT_ANY;"
- - name: NO_CREATE_CA
- value: "true"
- - name: DATABASE_JDBC_URL
- value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ .Values.mysqlDatabase }}
- - name: DATABASE_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-db-secret" "key" "login") | indent 10 }}
- - name: DATABASE_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-db-secret" "key" "password") | indent 10 }}
- - name: RA_IAK
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-ra-iak" "key" "password") | indent 10 }}
- - name: CLIENT_IAK
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-client-iak" "key" "password") | indent 10 }}
- livenessProbe:
- httpGet:
- port: {{ .Values.liveness.port }}
- path: {{ .Values.liveness.path }}
- scheme: HTTPS
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- readinessProbe:
- httpGet:
- port: {{ .Values.readiness.port }}
- path: {{ .Values.readiness.path }}
- scheme: HTTPS
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- {{- if .Values.nodeSelector }}
- nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity: {{ toYaml .Values.affinity | nindent 10 }}
- {{- end }}
- resources: {{ include "common.resources" . | nindent 10 }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - configMap:
- name: "{{ include "common.fullname" . }}-config-script"
- defaultMode: 0755
- name: "{{ include "common.fullname" . }}-volume"
- - configMap:
- name: "{{ include "common.fullname" . }}-profiles"
- defaultMode: 0755
- name: "{{ include "common.fullname" . }}-profiles-volume"
diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml
deleted file mode 100644
index c223f41f79..0000000000
--- a/kubernetes/contrib/components/ejbca/values.yaml
+++ /dev/null
@@ -1,135 +0,0 @@
-# Copyright © 2020, Nordix Foundation, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-global:
- mariadbGalera: &mariadbGalera
- #This flag allows SO to instantiate its own mariadb-galera cluster
- #When changing it to "true", also set "globalCluster: false"
- #as the dependency check will not work otherwise (Chart.yaml)
- localCluster: false
- globalCluster: true
- service: mariadb-galera
- internalPort: 3306
- nameOverride: mariadb-galera
-
-secrets:
- - uid: ejbca-db-secret
- name: &ejbca-db-secret '{{ include "common.release" . }}-ejbca-db-secret'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}'
- login: '{{ .Values.config.db.userName }}'
- password: '{{ .Values.config.db.userPassword }}'
- - uid: ejbca-server-ra-iak
- name: '{{ include "common.release" . }}-ejbca-ra-iak'
- type: password
- password: '{{ .Values.config.ejbca.raIak }}'
- - uid: ejbca-server-client-iak
- name: '{{ include "common.release" . }}-ejbca-client-iak'
- type: password
- password: '{{ .Values.config.ejbca.clientIak }}'
-
-# application configuration
-config:
- db:
- userName: ejbca
- # userPassword: password
- # userCredentialsExternalSecret: some-secret
- ejbca: {}
- # raIak: mypassword
- # clientIak: mypassword
-
-mysqlDatabase: &dbName ejbca
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application configuration
-replicaCount: 1
-
-ejbca:
- image: primekey/ejbca-ce:7.4.3.2
-pullPolicy: Always
-
-mariadb-galera:
- db:
- externalSecret: *ejbca-db-secret
- name: *dbName
- nameOverride: &ejbca-galera ejbca-galera
- service:
- name: ejbca-galera
- portName: ejbca-galera
- internalPort: 3306
- replicaCount: 1
- persistence:
- enabled: true
- mountSubPath: ejbca/maria/data
- serviceAccount:
- nameOverride: *ejbca-galera
-
-mariadb-init:
- config:
- userCredentialsExternalSecret: *ejbca-db-secret
- mysqlDatabase: *dbName
- nameOverride: ejbca-config
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- path: /ejbca/publicweb/healthcheck/ejbcahealth
- port: 8443
- initialDelaySeconds: 180
- periodSeconds: 30
-
-readiness:
- path: /ejbca/publicweb/healthcheck/ejbcahealth
- port: 8443
- initialDelaySeconds: 180
- periodSeconds: 30
-
-service:
- type: ClusterIP
- both_tls_and_plain: true
- ports:
- - name: api
- port: 8443
- plain_port: 8080
- port_protocol: http
-
-# Resource Limit flavor -By Default using small
-flavor: unlimited
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1500m
- memory: 1536Mi
- requests:
- cpu: 10m
- memory: 750Mi
- large:
- limits:
- cpu: 2
- memory: 2Gi
- requests:
- cpu: 20m
- memory: 1Gi
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: ejbca
- roles:
- - read
diff --git a/kubernetes/contrib/components/netbox/.helmignore b/kubernetes/contrib/components/netbox/.helmignore
deleted file mode 100755
index f0c1319444..0000000000
--- a/kubernetes/contrib/components/netbox/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/contrib/components/netbox/Chart.yaml b/kubernetes/contrib/components/netbox/Chart.yaml
deleted file mode 100755
index 2454db227b..0000000000
--- a/kubernetes/contrib/components/netbox/Chart.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Netbox IPAM
-name: netbox
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: netbox-app
- version: ~12.x-0
- repository: 'file://components/netbox-app'
- - name: netbox-nginx
- version: ~12.x-0
- repository: 'file://components/netbox-nginx'
- - name: netbox-postgres
- version: ~12.x-0
- repository: 'file://components/netbox-postgres' \ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/Makefile b/kubernetes/contrib/components/netbox/Makefile
deleted file mode 100644
index ef273d0e9b..0000000000
--- a/kubernetes/contrib/components/netbox/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts docker
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/contrib/components/netbox/components/Makefile b/kubernetes/contrib/components/netbox/components/Makefile
deleted file mode 100644
index 79ba2fb47e..0000000000
--- a/kubernetes/contrib/components/netbox/components/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/.helmignore b/kubernetes/contrib/components/netbox/components/netbox-app/.helmignore
deleted file mode 100755
index f0c1319444..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml
deleted file mode 100755
index 0bbe2d2e3c..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Netbox - Application (WSGI + Gunicorn)
-name: netbox-app
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/configuration.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/configuration.py
deleted file mode 100755
index 7d704ae762..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/configuration.py
+++ /dev/null
@@ -1,156 +0,0 @@
-import os
-import socket
-
-# For reference see http://netbox.readthedocs.io/en/latest/configuration/mandatory-settings/
-# Based on https://github.com/digitalocean/netbox/blob/develop/netbox/netbox/configuration.example.py
-
-# Read secret from file
-def read_secret(secret_name):
- try:
- f = open('/run/secrets/' + secret_name, 'r', encoding='utf-8')
- except EnvironmentError:
- return ''
- else:
- with f:
- return f.readline().strip()
-
-BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-
-#########################
-# #
-# Required settings #
-# #
-#########################
-
-# This is a list of valid fully-qualified domain names (FQDNs) for the NetBox server. NetBox will not permit write
-# access to the server via any other hostnames. The first FQDN in the list will be treated as the preferred name.
-#
-# Example: ALLOWED_HOSTS = ['netbox.example.com', 'netbox.internal.local']
-ALLOWED_HOSTS = os.environ.get('ALLOWED_HOSTS', socket.gethostname()).split(' ')
-
-# PostgreSQL database configuration.
-DATABASE = {
- 'NAME': os.environ.get('DB_NAME', 'netbox'), # Database name
- 'USER': os.environ.get('DB_USER', ''), # PostgreSQL username
- 'PASSWORD': os.environ.get('DB_PASSWORD', read_secret('db_password')),
- # PostgreSQL password
- 'HOST': os.environ.get('DB_HOST', 'localhost'), # Database server
- 'PORT': os.environ.get('DB_PORT', ''), # Database port (leave blank for default)
-}
-
-# This key is used for secure generation of random numbers and strings. It must never be exposed outside of this file.
-# For optimal security, SECRET_KEY should be at least 50 characters in length and contain a mix of letters, numbers, and
-# symbols. NetBox will not run without this defined. For more information, see
-# https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-SECRET_KEY
-SECRET_KEY = os.environ.get('SECRET_KEY', read_secret('secret_key'))
-
-#########################
-# #
-# Optional settings #
-# #
-#########################
-
-# Specify one or more name and email address tuples representing NetBox administrators. These people will be notified of
-# application errors (assuming correct email settings are provided).
-ADMINS = [
- # ['John Doe', 'jdoe@example.com'],
-]
-
-# Optionally display a persistent banner at the top and/or bottom of every page. HTML is allowed. To display the same
-# content in both banners, define BANNER_TOP and set BANNER_BOTTOM = BANNER_TOP.
-BANNER_TOP = os.environ.get('BANNER_TOP', '')
-BANNER_BOTTOM = os.environ.get('BANNER_BOTTOM', '')
-
-# Text to include on the login page above the login form. HTML is allowed.
-BANNER_LOGIN = os.environ.get('BANNER_LOGIN', '')
-
-# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set:
-# BASE_PATH = 'netbox/'
-BASE_PATH = os.environ.get('BASE_PATH', '')
-
-# API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be
-# allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or
-# CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers
-CORS_ORIGIN_ALLOW_ALL = os.environ.get('CORS_ORIGIN_ALLOW_ALL', 'False').lower() == 'true'
-CORS_ORIGIN_WHITELIST = os.environ.get('CORS_ORIGIN_WHITELIST', '').split(' ')
-CORS_ORIGIN_REGEX_WHITELIST = [
- # r'^(https?://)?(\w+\.)?example\.com$',
-]
-
-# Set to True to enable server debugging. WARNING: Debugging introduces a substantial performance penalty and may reveal
-# sensitive information about your installation. Only enable debugging while performing testing. Never enable debugging
-# on a production system.
-DEBUG = os.environ.get('DEBUG', 'False').lower() == 'true'
-
-# Email settings
-EMAIL = {
- 'SERVER': os.environ.get('EMAIL_SERVER', 'localhost'),
- 'PORT': int(os.environ.get('EMAIL_PORT', 25)),
- 'USERNAME': os.environ.get('EMAIL_USERNAME', ''),
- 'PASSWORD': os.environ.get('EMAIL_PASSWORD', read_secret('email_password')),
- 'TIMEOUT': int(os.environ.get('EMAIL_TIMEOUT', 10)), # seconds
- 'FROM_EMAIL': os.environ.get('EMAIL_FROM', ''),
-}
-
-# Enforcement of unique IP space can be toggled on a per-VRF basis.
-# To enforce unique IP space within the global table (all prefixes and IP addresses not assigned to a VRF),
-# set ENFORCE_GLOBAL_UNIQUE to True.
-ENFORCE_GLOBAL_UNIQUE = os.environ.get('ENFORCE_GLOBAL_UNIQUE', 'False').lower() == 'true'
-
-# Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs:
-# https://docs.djangoproject.com/en/1.11/topics/logging/
-LOGGING = {}
-
-# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users
-# are permitted to access most data in NetBox (excluding secrets) but not make any changes.
-LOGIN_REQUIRED = os.environ.get('LOGIN_REQUIRED', 'False').lower() == 'true'
-
-# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set:
-# BASE_PATH = 'netbox/'
-BASE_PATH = os.environ.get('BASE_PATH', '')
-
-# Setting this to True will display a "maintenance mode" banner at the top of every page.
-MAINTENANCE_MODE = os.environ.get('MAINTENANCE_MODE', 'False').lower() == 'true'
-
-# An API consumer can request an arbitrary number of objects =by appending the "limit" parameter to the URL (e.g.
-# "?limit=1000"). This setting defines the maximum limit. Setting it to 0 or None will allow an API consumer to request
-# all objects by specifying "?limit=0".
-MAX_PAGE_SIZE = int(os.environ.get('MAX_PAGE_SIZE', 1000))
-
-# The file path where uploaded media such as image attachments are stored. A trailing slash is not needed. Note that
-# the default value of this setting is derived from the installed location.
-MEDIA_ROOT = os.environ.get('MEDIA_ROOT', os.path.join(BASE_DIR, 'media'))
-
-# Credentials that NetBox will use to access live devices.
-NAPALM_USERNAME = os.environ.get('NAPALM_USERNAME', '')
-NAPALM_PASSWORD = os.environ.get('NAPALM_PASSWORD', read_secret('napalm_password'))
-
-# NAPALM timeout (in seconds). (Default: 30)
-NAPALM_TIMEOUT = int(os.environ.get('NAPALM_TIMEOUT', 30))
-
-# NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must
-# be provided as a dictionary.
-NAPALM_ARGS = {}
-
-# Determine how many objects to display per page within a list. (Default: 50)
-PAGINATE_COUNT = int(os.environ.get('PAGINATE_COUNT', 50))
-
-# When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to
-# prefer IPv4 instead.
-PREFER_IPV4 = os.environ.get('PREFER_IPV4', 'False').lower() == 'true'
-
-# The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of
-# this setting is derived from the installed location.
-REPORTS_ROOT = os.environ.get('REPORTS_ROOT', '/etc/netbox/reports')
-
-# Time zone (default: UTC)
-TIME_ZONE = os.environ.get('TIME_ZONE', 'UTC')
-
-# Date/time formatting. See the following link for supported formats:
-# https://docs.djangoproject.com/en/dev/ref/templates/builtins/#date
-DATE_FORMAT = os.environ.get('DATE_FORMAT', 'N j, Y')
-SHORT_DATE_FORMAT = os.environ.get('SHORT_DATE_FORMAT', 'Y-m-d')
-TIME_FORMAT = os.environ.get('TIME_FORMAT', 'g:i a')
-SHORT_TIME_FORMAT = os.environ.get('SHORT_TIME_FORMAT', 'H:i:s')
-DATETIME_FORMAT = os.environ.get('DATETIME_FORMAT', 'N j, Y g:i a')
-SHORT_DATETIME_FORMAT = os.environ.get('SHORT_DATETIME_FORMAT', 'Y-m-d H:i')
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/gunicorn_config.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/gunicorn_config.py
deleted file mode 100755
index c7d9f7b725..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/gunicorn_config.py
+++ /dev/null
@@ -1,8 +0,0 @@
-command = '/usr/bin/gunicorn'
-pythonpath = '/opt/netbox/netbox'
-bind = '0.0.0.0:{{ .Values.service.internalPort }}'
-workers = 3
-errorlog = '-'
-accesslog = '-'
-capture_output = False
-loglevel = 'debug'
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/ldap_config.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/ldap_config.py
deleted file mode 100755
index c7e0d3bee9..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/ldap_config.py
+++ /dev/null
@@ -1,55 +0,0 @@
-import ldap
-import os
-
-from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
-
-# Server URI
-AUTH_LDAP_SERVER_URI = os.environ.get('AUTH_LDAP_SERVER_URI', '')
-
-# The following may be needed if you are binding to Active Directory.
-AUTH_LDAP_CONNECTION_OPTIONS = {
- ldap.OPT_REFERRALS: 0
-}
-
-# Set the DN and password for the NetBox service account.
-AUTH_LDAP_BIND_DN = os.environ.get('AUTH_LDAP_BIND_DN', '')
-AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', '')
-
-# Include this setting if you want to ignore certificate errors. This might be needed to accept a self-signed cert.
-# Note that this is a NetBox-specific setting which sets:
-# ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
-LDAP_IGNORE_CERT_ERRORS = os.environ.get('LDAP_IGNORE_CERT_ERRORS', 'False').lower() == 'true'
-
-AUTH_LDAP_USER_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_USER_SEARCH_BASEDN', ''),
- ldap.SCOPE_SUBTREE,
- "(sAMAccountName=%(user)s)")
-
-# This search ought to return all groups to which the user belongs. django_auth_ldap uses this to determine group
-# heirarchy.
-AUTH_LDAP_GROUP_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_GROUP_SEARCH_BASEDN', ''), ldap.SCOPE_SUBTREE,
- "(objectClass=group)")
-AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()
-
-# Define a group required to login.
-AUTH_LDAP_REQUIRE_GROUP = os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', '')
-
-# Define special user types using groups. Exercise great caution when assigning superuser status.
-AUTH_LDAP_USER_FLAGS_BY_GROUP = {
- "is_active": os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', ''),
- "is_staff": os.environ.get('AUTH_LDAP_IS_ADMIN_DN', ''),
- "is_superuser": os.environ.get('AUTH_LDAP_IS_SUPERUSER_DN', '')
-}
-
-# For more granular permissions, we can map LDAP groups to Django groups.
-AUTH_LDAP_FIND_GROUP_PERMS = os.environ.get('AUTH_LDAP_FIND_GROUP_PERMS', 'True').lower() == 'true'
-
-# Cache groups for one hour to reduce LDAP traffic
-AUTH_LDAP_CACHE_GROUPS = os.environ.get('AUTH_LDAP_CACHE_GROUPS', 'True').lower() == 'true'
-AUTH_LDAP_GROUP_CACHE_TIMEOUT = int(os.environ.get('AUTH_LDAP_CACHE_GROUPS', 3600))
-
-# Populate the Django user from the LDAP directory.
-AUTH_LDAP_USER_ATTR_MAP = {
- "first_name": os.environ.get('AUTH_LDAP_ATTR_FIRSTNAME', 'givenName'),
- "last_name": os.environ.get('AUTH_LDAP_ATTR_LASTNAME', 'sn'),
- "email": os.environ.get('AUTH_LDAP_ATTR_MAIL', 'mail')
-}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/custom_fields.yml b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/custom_fields.yml
deleted file mode 100755
index 05bbfc7738..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/custom_fields.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-external-key:
- description: "The external-key uniquely identify the resources to a service within ONAP."
- filterable: true
- label: ONAP external key
- on_objects:
- - ipam.models.IPAddress
- required: true
- type: text
- weight: 0
-resource-name:
- description: "The resource-name of the element using this IP."
- filterable: true
- label: ONAP resource name
- on_objects:
- - ipam.models.IPAddress
- required: true
- type: text
- weight: 0 \ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/groups.yml b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/groups.yml
deleted file mode 100755
index 1f4a5a7a6e..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/groups.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-# applications:
-# users:
-# - technical_user
-# readers:
-# users:
-# - reader
-# writers:
-# users:
-# - writer
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/users.yml b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/users.yml
deleted file mode 100755
index 77d330beac..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/users.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-onap:
- first_name: Steve
- last_name: McQueen
- email: steve.mcqueen@onap.org
- password: onap123$
- api_token: onceuponatimeiplayedwithnetbox20180814 # This API KEY is used by SDNC, if you edit it, make sure to change it in the netbox.properties file
- is_staff: true # whether user is admin or not, default = false
- is_active: true # whether user is active, default = true
- is_superuser: true # Whether user has all edit rights or not, default = false \ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/provisioning/provision.sh
deleted file mode 100755
index 984801decb..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/provisioning/provision.sh
+++ /dev/null
@@ -1,136 +0,0 @@
-#!/bin/sh
-
-# Create region
-
-echo "Create region: RegionOne"
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/regions/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json' \
- -d '{
- "name": "RegionOne",
- "slug": "RegionOne"
-}'
-
-# Create tenant group
-
-echo "Create tenant group: ONAP group"
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenant-groups/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json' \
- -d '{
- "name": "ONAP group",
- "slug": "onap-group"
-}'
-
-# Create tenant
-
-echo "Create tenant ONAP in ONAP group"
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenants/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json' \
- -d '{
- "name": "ONAP",
- "slug": "onap",
- "group": 1,
- "description": "ONAP tenant",
- "comments": "Tenant for ONAP demo use cases"
-}'
-
-# Create site
-
-echo "Create ONAP demo site: Montreal Lab"
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/sites/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json' \
- -d '{
- "name": "Montreal Lab D3",
- "slug": "mtl-lab-d3",
- "region": 1,
- "tenant": 1,
- "facility": "Campus",
- "time_zone": "Canada/Atlantic",
- "description": "Site hosting the ONAP use cases",
- "physical_address": "1 Graham Bell",
- "shipping_address": "1 Graham Bell",
- "contact_name": "Alexis",
- "contact_phone": "0000000000",
- "contact_email": "adetalhouet89@gmail.com",
- "comments": "ONAP lab"
-}'
-
-# Create prefixes
-
-echo "Create Prefix for vFW protected network"
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json' \
- -d '{
- "prefix": "{{ .Values.service.private2 }}",
- "site": 1,
- "tenant": 1,
- "is_pool": false,
- "description": "IP Pool for private network 2"
-}'
-
-echo "Create Prefix for vFW unprotected network"
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json' \
- -d '{
- "prefix": "{{ .Values.service.private1 }}",
- "site": 1,
- "tenant": 1,
- "is_pool": false,
- "description": "IP Pool for private network 1"
-}'
-
-echo "Create Prefix for ONAP general purpose network"
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json' \
- -d '{
- "prefix": "{{ .Values.service.management }}",
- "site": 1,
- "tenant": 1,
- "is_pool": false,
- "description": "IP Pool for ONAP - general purpose"
-}'
-
-# Reserve ports, gateway and dhcp, for each protected and unprotected networks.
-
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/1/available-ips/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json'
-
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/1/available-ips/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json'
-
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/2/available-ips/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json'
-
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/2/available-ips/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json'
-
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/3/available-ips/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json'
-
-curl --silent -X POST \
- http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/3/available-ips/ \
- -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
- -H 'Content-Type: application/json'
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/00_users.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/00_users.py
deleted file mode 100755
index 7626058357..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/00_users.py
+++ /dev/null
@@ -1,26 +0,0 @@
-from django.contrib.auth.models import Group, User
-from users.models import Token
-
-from ruamel.yaml import YAML
-
-with open('/opt/netbox/initializers/users.yml', 'r') as stream:
- yaml=YAML(typ='safe')
- users = yaml.load(stream)
-
- if users is not None:
- for username, user_details in users.items():
- if not User.objects.filter(username=username):
- user = User.objects.create_user(
- username = username,
- password = user_details.get('password', 0) or User.objects.make_random_password,
- is_staff = user_details.get('is_staff', 0) or false,
- is_superuser = user_details.get('is_superuser', 0) or false,
- is_active = user_details.get('is_active', 0) or true,
- first_name = user_details.get('first_name', 0),
- last_name = user_details.get('last_name', 0),
- email = user_details.get('email', 0))
-
- print("👤 Created user ",username)
-
- if user_details.get('api_token', 0):
- Token.objects.create(user=user, key=user_details['api_token']) \ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/10_groups.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/10_groups.py
deleted file mode 100755
index 7932874704..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/10_groups.py
+++ /dev/null
@@ -1,19 +0,0 @@
-from django.contrib.auth.models import Group, User
-from ruamel.yaml import YAML
-
-with open('/opt/netbox/initializers/groups.yml', 'r') as stream:
- yaml=YAML(typ='safe')
- groups = yaml.load(stream)
-
- if groups is not None:
- for groupname, group_details in groups.items():
- group, created = Group.objects.get_or_create(name=groupname)
-
- if created:
- print("👥 Created group", groupname)
-
- for username in group_details['users']:
- user = User.objects.get(username=username)
-
- if user:
- user.groups.add(group)
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/20_custom_fields.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/20_custom_fields.py
deleted file mode 100755
index 5c40e37bf2..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/20_custom_fields.py
+++ /dev/null
@@ -1,68 +0,0 @@
-from extras.constants import CF_TYPE_TEXT, CF_TYPE_INTEGER, CF_TYPE_BOOLEAN, CF_TYPE_DATE, CF_TYPE_URL, CF_TYPE_SELECT
-from extras.models import CustomField, CustomFieldChoice
-
-from ruamel.yaml import YAML
-
-text_to_fields = {
- 'boolean': CF_TYPE_BOOLEAN,
- 'date': CF_TYPE_DATE,
- 'integer': CF_TYPE_INTEGER,
- 'selection': CF_TYPE_SELECT,
- 'text': CF_TYPE_TEXT,
- 'url': CF_TYPE_URL,
-}
-
-def get_class_for_class_path(class_path):
- import importlib
- from django.contrib.contenttypes.models import ContentType
-
- module_name, class_name = class_path.rsplit(".", 1)
- module = importlib.import_module(module_name)
- clazz = getattr(module, class_name)
- return ContentType.objects.get_for_model(clazz)
-
-with open('/opt/netbox/initializers/custom_fields.yml', 'r') as stream:
- yaml = YAML(typ='safe')
- customfields = yaml.load(stream)
-
- if customfields is not None:
- for cf_name, cf_details in customfields.items():
- custom_field, created = CustomField.objects.get_or_create(name = cf_name)
-
- if created:
- if cf_details.get('default', 0):
- custom_field.default = cf_details['default']
-
- if cf_details.get('description', 0):
- custom_field.description = cf_details['description']
-
- if cf_details.get('filterable', 0):
- custom_field.is_filterables = cf_details['filterable']
-
- if cf_details.get('label', 0):
- custom_field.label = cf_details['label']
-
- for object_type in cf_details.get('on_objects', []):
- custom_field.obj_type.add(get_class_for_class_path(object_type))
-
- if cf_details.get('required', 0):
- custom_field.required = cf_details['required']
-
- if cf_details.get('type', 0):
- custom_field.type = text_to_fields[cf_details['type']]
-
- if cf_details.get('weight', 0):
- custom_field.weight = cf_details['weight']
-
- custom_field.save()
-
- for choice_details in cf_details.get('choices', []):
- choice = CustomFieldChoice.objects.create(
- field=custom_field,
- value=choice_details['value'])
-
- if choice_details.get('weight', 0):
- choice.weight = choice_details['weight']
- choice.save()
-
- print("🔧 Created custom field", cf_name)
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/NOTES.txt b/kubernetes/contrib/components/netbox/components/netbox-app/templates/NOTES.txt
deleted file mode 100755
index e70c418864..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.fullname" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/configmap.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/configmap.yaml
deleted file mode 100755
index f785478e1b..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/configmap.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-provisioning-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/provisioning/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-configuration-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/configuration/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-initializers-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/initializers/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-startupscripts-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/startup_scripts/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml
deleted file mode 100755
index 04abfc26ae..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml
+++ /dev/null
@@ -1,158 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{ if .Values.liveness.enabled }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end }}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: DB_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-pass
- key: DB_PASSWORD
- - name: EMAIL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-pass
- key: EMAIL_PASSWORD
- - name: NAPALM_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-pass
- key: NAPALM_PASSWORD
- - name: SECRET_KEY
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-pass
- key: SECRET_KEY
- - name: SUPERUSER_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-pass
- key: SUPERUSER_PASSWORD
- - name: SUPERUSER_API_TOKEN
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-pass
- key: SUPERUSER_API_TOKEN
- - name: ALLOWED_HOSTS
- value: {{ .Values.config.allowedHosts | quote }}
- - name: DB_NAME
- value: {{ .Values.config.dbName }}
- - name: DB_USER
- value: {{ .Values.config.dbUser }}
- - name: DB_HOST
- value: {{ .Values.config.dbHost }}
- - name: EMAIL_SERVER
- value: {{ .Values.config.emailServer }}
- - name: EMAIL_PORT
- value: {{ .Values.config.emailPort | quote }}
- - name: EMAIL_USERNAME
- value: {{ .Values.config.emailUsername }}
- - name: EMAIL_TIMEOUT
- value: {{ .Values.config.emailTimeout | quote }}
- - name: EMAIL_FROM
- value: {{ .Values.config.emailFrom }}
- - name: MEDIA_ROOT
- value: {{ .Values.config.mediaRoot }}
- - name: NAPALM_USERNAME
- value: {{ .Values.config.napalmUsername }}
- - name: NAPALM_TIMEOUT
- value: {{ .Values.config.napalmTimeout | quote }}
- - name: MAX_PAGE_SIZE
- value: {{ .Values.config.maxPageSize | quote }}
- - name: SUPERUSER_NAME
- value: {{ .Values.config.superuserName }}
- - name: SUPERUSER_EMAIL
- value: {{ .Values.config.superuserEmail }}
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /opt/netbox/startup_scripts
- name: {{ include "common.fullname" . }}-startupscripts-config
- - mountPath: /opt/netbox/initializers
- name: {{ include "common.fullname" . }}-initializers-config
- - mountPath: /etc/netbox/config
- name: {{ include "common.fullname" . }}-configuration-config
- - name: {{ include "common.fullname" . }}
- mountPath: /opt/netbox/netbox/static
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}
- persistentVolumeClaim:
- claimName: {{ include "common.release" . }}-{{ .Values.persistence.staticPvName }}
- - name: {{ include "common.fullname" . }}-startupscripts-config
- configMap:
- name: {{ include "common.fullname" . }}-startupscripts-configmap
- - name: {{ include "common.fullname" . }}-initializers-config
- configMap:
- name: {{ include "common.fullname" . }}-initializers-configmap
- - name: {{ include "common.fullname" . }}-configuration-config
- configMap:
- name: {{ include "common.fullname" . }}-configuration-configmap
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/job.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/job.yaml
deleted file mode 100644
index 3b367a3d4a..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/job.yaml
+++ /dev/null
@@ -1,67 +0,0 @@
-{{/*
-# Copyright © 2018 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ include "common.fullname" . }}-provisioning
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-job
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- backoffLimit: 5
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}-provisioning-job
- release: {{ include "common.release" . }}
- spec:
- restartPolicy: Never
- initContainers:
- - name: {{ include "common.name" . }}-init-readiness
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /app/ready.py
- args:
- - --container-name
- - netbox-app
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- containers:
- - name: {{ include "common.name" . }}-provisioning-job
- image: {{ include "repositoryGenerator.image.curl" . }}
- volumeMounts:
- - name: {{ include "common.fullname" . }}-provisioning
- mountPath: /tmp
- command:
- - /bin/sh
- - ./tmp/provision.sh
- volumes:
- - name: {{ include "common.fullname" . }}-provisioning
- configMap:
- name: {{ include "common.fullname" . }}-provisioning-configmap
- defaultMode: 0755
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- restartPolicy: Never
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/pv.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/pv.yaml
deleted file mode 100755
index a61217fb94..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/pv.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if not .Values.persistence.storageClass -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}/app
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/pvc.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/pvc.yaml
deleted file mode 100755
index 7e25a0f1ef..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/pvc.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.release" . }}-{{ .Values.persistence.staticPvName }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- {{- if .Values.persistence.annotations }}
- annotations:
-{{ .Values.persistence.annotations | indent 4 }}
- {{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
- storageClassName: {{ include "common.storageClass" . }}
-{{- end -}}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/secrets.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/secrets.yaml
deleted file mode 100755
index c06bc5a333..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/secrets.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/*
-# Copyright © 2018 Bell Canada, Amdocs
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-pass
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
- DB_PASSWORD: {{ .Values.config.dbPassword | b64enc | quote }}
- EMAIL_PASSWORD: {{ .Values.config.emailPassword | b64enc | quote }}
- NAPALM_PASSWORD: {{ .Values.config.napalmPassword | b64enc | quote }}
- SECRET_KEY: {{ .Values.config.secretKey | b64enc | quote }}
- SUPERUSER_PASSWORD: {{ .Values.config.superuserPassword | b64enc | quote }}
- SUPERUSER_API_TOKEN: {{ .Values.config.superuserAPIToken | b64enc | quote }} \ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/templates/service.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/service.yaml
deleted file mode 100755
index 74d1116f50..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/templates/service.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- name: {{ include "common.name" . }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- name: {{ include "common.name" . }}
- targetPort: {{ .Values.service.internalPort }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/values.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/values.yaml
deleted file mode 100755
index 27cd811ec1..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-app/values.yaml
+++ /dev/null
@@ -1,120 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global: # global defaults
- nodePortPrefixExt: 304
- persistence: {}
-
-config:
- # Secrets configuration values
- dbPassword: J5brHrAXFLQSif0K
- emailPassword: password
- napalmPassword: password
- secretKey: r8OwDznj!!dci#P9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj
- superuserPassword: admin
- superuserAPIToken: 0123456789abcdef0123456789abcdef01234567
-
- # Remaining environment configuration values
- allowedHosts: "*"
- dbName: netbox
- dbUser: netbox
- dbHost: netbox-postgres
- emailServer: localhost
- emailPort: 25
- emailUsername: netbox
- emailTimeout: 5
- emailFrom: netbox@bar.com
- mediaRoot: /opt/netbox/netbox/media
- napalmUsername: napalm
- napalmTimeout: 10
- maxPageSize: 0
- superuserName: admin
- superuserEmail: admin@onap.org
-
-image: netboxcommunity/netbox:v2.5.8
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: false
-
-readiness:
- initialDelaySeconds: 30
- periodSeconds: 10
-
-service:
- type: ClusterIP
- name: netbox-app
- externalPort: 8001
- internalPort: 8001
- portName: netbox-app
-
- # The following subnet pool will be
- # configured in Netbox by provisioning script.
- private1: 192.168.10.0/24
- private2: 192.168.20.0/24
- management: 10.0.101.0/24
-
-ingress:
- enabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteMany
- size: 100Mi
-
- # Uncomment the storageClass parameter to use an existing PV
- # that will match the following class.
- # When uncomment the storageClass, the PV is not created anymore.
-
- # storageClass: "nfs-dev-sc"
-
- staticPvName: netbox-static
-
- # When using storage class, mountPath and mountSubPath are
- # simply ignored.
-
- mountPath: /dockerdata-nfs
- mountSubPath: netbox/app
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-resources: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: netbox-app
- roles:
- - read
diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/.helmignore b/kubernetes/contrib/components/netbox/components/netbox-nginx/.helmignore
deleted file mode 100755
index f0c1319444..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-nginx/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml
deleted file mode 100755
index 3d5987928b..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Netbox - Nginx web server
-name: netbox-nginx
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/resources/config/nginx.conf b/kubernetes/contrib/components/netbox/components/netbox-nginx/resources/config/nginx.conf
deleted file mode 100755
index 2ef2aca3a1..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-nginx/resources/config/nginx.conf
+++ /dev/null
@@ -1,34 +0,0 @@
-worker_processes 1;
-
-events {
- worker_connections 1024;
-}
-
-http {
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
- sendfile on;
- tcp_nopush on;
- keepalive_timeout 65;
- gzip on;
- server_tokens off;
- client_max_body_size 10M;
-
- server {
- listen {{ .Values.service.internalPort }};
- server_name {{ .Values.service.portName }};
- access_log off;
-
- location /static/ {
- alias /opt/netbox/netbox/static/;
- }
-
- location / {
- proxy_pass http://netbox-app:8001;
- proxy_set_header X-Forwarded-Host $http_host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-Proto $scheme;
- add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
- }
- }
-}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/NOTES.txt b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/NOTES.txt
deleted file mode 100755
index bd74a42cd5..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/configmap.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/configmap.yaml
deleted file mode 100755
index 26242be8e2..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/configmap.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-config-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml
deleted file mode 100755
index 252ba685b6..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml
+++ /dev/null
@@ -1,75 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["nginx"]
- args: ["-c", "/etc/netbox-nginx/nginx.conf","-g", "daemon off;"]
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: {{ include "common.fullname" . }}
- mountPath: /opt/netbox/netbox/static
- - name: {{ include "common.fullname" . }}-config
- mountPath: /etc/netbox-nginx
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-config
- configMap:
- name: {{ include "common.fullname" . }}-config-configmap
- - name: {{ include "common.fullname" . }}
- persistentVolumeClaim:
- claimName: {{ include "common.release" . }}-{{ .Values.persistence.staticPvName }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/service.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/service.yaml
deleted file mode 100755
index c01612e0f4..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/service.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
- {{- else -}}
- - port: {{ .Values.service.internalPort }}
- targetPort: {{ .Values.service.internalPort }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/values.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/values.yaml
deleted file mode 100755
index a7d0dadbf1..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-nginx/values.yaml
+++ /dev/null
@@ -1,89 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for mariadb.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-global: # global defaults
- nodePortPrefixExt: 304
- persistence: {}
- pullPolicy: Always
-
-# application image
-image: nginx:1.15-alpine
-pullPolicy: Always
-
-ingress:
- enabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteMany
- size: 1Gi
- mountPath: /dockerdata-nfs
- mountSubPath: netbox/nginx/data
-
- # Names used for shared pv/pvcs across App & Nginx containers
- staticPvName: netbox-static
-
-service:
- type: ClusterIP
- name: netbox-nginx
- portName: netbox-nginx
- internalPort: 8080
- nodePort: 20
-
-resources: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: netbox-nginx
- roles:
- - read
diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/.helmignore b/kubernetes/contrib/components/netbox/components/netbox-postgres/.helmignore
deleted file mode 100755
index f0c1319444..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-postgres/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml
deleted file mode 100755
index e0bf081960..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Netbox Posgres database
-name: netbox-postgres
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/NOTES.txt b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/NOTES.txt
deleted file mode 100755
index bd74a42cd5..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/configmap.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/configmap.yaml
deleted file mode 100755
index 9bc530577a..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/configmap.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-docker-entry-initd
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/cassandra/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml
deleted file mode 100755
index ce789306ff..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- env:
- - name: POSTGRES_USER
- value: "{{ .Values.config.postgresUser }}"
- - name: POSTGRES_PASSWORD
- value: "{{ .Values.config.postgresPassword }}"
- - name: POSTGRES_DB
- value: "{{ .Values.config.postgresDB }}"
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/postgresql/
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- {{- if .Values.persistence.enabled }}
- - name: {{ include "common.fullname" . }}-data
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pv.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pv.yaml
deleted file mode 100755
index 37d07f05a1..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pv.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pvc.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pvc.yaml
deleted file mode 100755
index 30da3add0d..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pvc.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
- storageClassName: {{ include "common.storageClass" . }}
-{{- end -}}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/service.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/service.yaml
deleted file mode 100755
index 75335884df..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/service.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/values.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/values.yaml
deleted file mode 100755
index 7e0a324aa1..0000000000
--- a/kubernetes/contrib/components/netbox/components/netbox-postgres/values.yaml
+++ /dev/null
@@ -1,88 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for mariadb.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-global: # global defaults
- nodePortPrefixExt: 304
- persistence: {}
-
-# application image
-image: postgres:10.4-alpine
-pullPolicy: Always
-
-# application configuration
-config:
- postgresUser: netbox
- postgresPassword: J5brHrAXFLQSif0K
- postgresDB: netbox
-
-ingress:
- enabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
-
- # Uncomment the storageClass parameter to use an existing PV
- # that will match the following class.
- # When uncomment the storageClass, the PV is not created anymore.
-
- # storageClass: "nfs-dev-sc"
-
- accessMode: ReadWriteOnce
- size: 1Gi
-
- # When using storage class, mountPath and mountSubPath are
- # simply ignored.
-
- mountPath: /dockerdata-nfs
- mountSubPath: netbox/postgres/data
-
-service:
- type: ClusterIP
- name: netbox-postgres
- portName: netbox-postgres
- internalPort: 5432
- externalPort: 5432
-
-resources: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: netbox-postgres
- roles:
- - read
diff --git a/kubernetes/contrib/components/netbox/templates/ingress.yaml b/kubernetes/contrib/components/netbox/templates/ingress.yaml
deleted file mode 100755
index 6f604a79ba..0000000000
--- a/kubernetes/contrib/components/netbox/templates/ingress.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if .Values.ingress.enabled -}}
-{{- $serviceName := include "common.fullname" . -}}
-{{- $servicePort := .Values.service.externalPort -}}
-apiVersion: networking.k8s.io/v1beta1
-kind: Ingress
-metadata:
- name: {{ $serviceName }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
- {{- range $key, $value := .Values.ingress.annotations }}
- {{ $key }}: {{ $value | quote }}
- {{- end }}
-spec:
- rules:
- {{- range $host := .Values.ingress.hosts }}
- - host: {{ $host }}
- http:
- paths:
- - path: /
- backend:
- serviceName: {{ $serviceName }}
- servicePort: {{ $servicePort }}
- {{- end -}}
- {{- if .Values.ingress.tls }}
- tls:
-{{ toYaml .Values.ingress.tls | indent 4 }}
- {{- end -}}
-{{- end -}}
diff --git a/kubernetes/contrib/components/netbox/values.yaml b/kubernetes/contrib/components/netbox/values.yaml
deleted file mode 100755
index 04d2f27c7c..0000000000
--- a/kubernetes/contrib/components/netbox/values.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefixExt: 304
- commonConfigPrefix: netbox
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-pullPolicy: Always
-
-# default number of instances
-replicaCount: 1
-nodeSelector: {}
-affinity: {}
-
-ingress:
- enabled: false
-
-resources: {}
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md
deleted file mode 100644
index 72f522a000..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-# Motivations
-Ingress controller implementation in the ONAP cluster is based on the virtual host routing.
-Testing ONAP cluster requires a lot of entries on the target machines in the /etc/hosts.
-Adding many entries into the configuration files on testing machines is quite problematic and error prone.
-The better wait is to create central DNS server with entries for all virtual host pointed to simpledemo.onap.org and add custom DNS server as a target DNS server for testing machines and/or as external DNS for kubernetes cluster.
-
-# How to deploy test DNS server:
-Run script ./deploy\_dns.sh
-
-# How to add DNS address on testing machines:
-See post deploy info
-
-# Test DNS inside cluster (optional)
-1. You can add the following entry after DNS deploy on running cluster at the end of cluster.yaml file (rke)
-~~~yaml
-dns:
- provider: coredns
- upstreamnameservers:
- - <cluster_ip>:31555
-~~~
-2. You can edit coredns configuration with command:
- kubectl -n kube-system edit configmap coredns
-
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore
deleted file mode 100644
index dacad44a66..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/.helmignore
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# Copyright 2020 Samsung Electronics Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml
deleted file mode 100644
index dede98e707..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/Chart.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-#
-# Copyright 2020 Samsung Electronics Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-apiVersion: v2
-appVersion: "1.0"
-description: bind9 DNS server for kubernetes cluster
-name: bind9dns
-version: 0.1.0
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt
deleted file mode 100644
index 7211966b89..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/NOTES.txt
+++ /dev/null
@@ -1,21 +0,0 @@
-1. Get the installed DNS host and port by running this commands:
-{{- if .Values.ingress.enabled }}
-{{- range $host := .Values.ingress.hosts }}
- {{- range $.Values.ingress.paths }}
- http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host }}{{ . }}
- {{- end }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "bind9dns.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo DNS host: $NODE_IP dns port: $NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "bind9dns.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "bind9dns.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "bind9dns.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:80
-{{- end }}
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl
deleted file mode 100644
index 3efbbbf831..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/_helpers.tpl
+++ /dev/null
@@ -1,49 +0,0 @@
-{{/*
-
- Copyright 2020 Samsung Electronics Co., Ltd.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
-*/}}
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "bind9dns.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "bind9dns.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "bind9dns.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml
deleted file mode 100644
index 7640be64a6..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml
+++ /dev/null
@@ -1,76 +0,0 @@
-{{/*
- Copyright 2020 Samsung Electronics Co., Ltd.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "bind9dns.fullname" . }}
- labels:
- app.kubernetes.io/name: {{ include "bind9dns.name" . }}
- helm.sh/chart: {{ include "bind9dns.chart" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app.kubernetes.io/name: {{ include "bind9dns.name" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- template:
- metadata:
- labels:
- app.kubernetes.io/name: {{ include "bind9dns.name" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ .Chart.Name }}
- image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: DNS_FORWARDER
- value: {{ .Values.dnsconf.forwarder }}
- - name: WILDCARD_DNS
- value: {{ .Values.dnsconf.wildcard }}
- - name: ALLOW_RECURSION
- value: any
- - name: ALLOW_QUERY
- value: any
- ports:
- - name: dnsport
- containerPort: {{ .Values.service.port }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.port }}
- initialDelaySeconds: 15
- periodSeconds: 20
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.port }}
- initialDelaySeconds: 5
- periodSeconds: 10
- resources:
- {{- toYaml .Values.resources | nindent 12 }}
- {{- with .Values.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml
deleted file mode 100644
index 715f2ff78e..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/service.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
- Copyright 2020 Samsung Electronics Co., Ltd.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
-*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "bind9dns.fullname" . }}
- labels:
- app.kubernetes.io/name: {{ include "bind9dns.name" . }}
- helm.sh/chart: {{ include "bind9dns.chart" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.port }}
- nodePort: {{ .Values.service.nodePort }}
- protocol: TCP
- name: dnstcp
- - port: {{ .Values.service.port }}
- nodePort: {{ .Values.service.nodePort }}
- protocol: UDP
- name: dnsudp
- selector:
- app.kubernetes.io/name: {{ include "bind9dns.name" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml
deleted file mode 100644
index 4fe5d05b02..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/*
- Copyright 2020 Samsung Electronics Co., Ltd.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
-*/}}
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{ include "bind9dns.fullname" . }}-test-connection"
- labels:
- app.kubernetes.io/name: {{ include "bind9dns.name" . }}
- helm.sh/chart: {{ include "bind9dns.chart" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
- annotations:
- "helm.sh/hook": test-success
-spec:
- containers:
- - name: wget
- image: busybox
- command: ['wget']
- args: ['{{ include "bind9dns.fullname" . }}:{{ .Values.service.port }}']
- restartPolicy: Never
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml
deleted file mode 100644
index c9e19f41d0..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/values.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# Copyright 2020 Samsung Electronics Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-replicaCount: 1
-
-image:
- repository: luccksam/docker-bind
- tag: 0.1.0
- pullPolicy: IfNotPresent
-
-nameOverride: ""
-fullnameOverride: ""
-
-service:
- type: NodePort
- port: 53
- nodePort: 31555
-
-ingress:
- enabled: false
- annotations: {}
- paths: []
- hosts:
- - dnsserver.local
- tls: []
-
-resources: {}
-nodeSelector: {}
-tolerations: []
-affinity: {}
-
-dnsconf:
- forwarder: "8.8.8.8,8.8.4.4"
- wildcard: "simpledemo.onap.org=0.0.0.0"
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
deleted file mode 100755
index 294ae0a55e..0000000000
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
+++ /dev/null
@@ -1,106 +0,0 @@
-#!/bin/sh -e
-
-# Copyright 2020 Samsung Electronics Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-DNS_PORT=31555
-CLUSTER_CONTROL=$( kubectl get no -l node-role.kubernetes.io/controlplane=true -o jsonpath='{.items..metadata.name}')
-CLUSTER_IP=$(kubectl get no $CLUSTER_CONTROL -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }')
-SPATH="$( dirname "$( which "$0" )" )"
-
-
-
-usage() {
-cat << ==usage
-$0 [cluster_domain] [lb_ip] [helm_chart_args] ...
- [cluster_domain] Default value simpledemo.onap.org
- [lb_ip] Default value LoadBalancer IP
- [helm_chart_args] ... Optional arguments passed to helm install command
-$0 --help This message
-$0 --info Display howto configure target machine
-==usage
-}
-
-
-target_machine_notice_info()
-{
-cat << ==infodeploy
-Extra DNS server already deployed:
-1. You can add the DNS server to the target machine using following commands:
- sudo iptables -t nat -A OUTPUT -p tcp -d 192.168.211.211 --dport 53 -j DNAT --to-destination $CLUSTER_IP:$DNS_PORT
- sudo iptables -t nat -A OUTPUT -p udp -d 192.168.211.211 --dport 53 -j DNAT --to-destination $CLUSTER_IP:$DNS_PORT
- sudo sysctl -w net.ipv4.conf.all.route_localnet=1
- sudo sysctl -w net.ipv4.ip_forward=1
-2. Update /etc/resolv.conf file with nameserver 192.168.211.211 entry on your target machine
-==infodeploy
-}
-
-
-list_node_with_external_addrs()
-{
- local WORKER_NODES
- WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}')
- for worker in $WORKER_NODES; do
- local external_ip
- external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }')
- local internal_ip
- internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }')
- if [ $internal_ip != $external_ip ]; then
- echo $external_ip
- break
- fi
- done
-}
-
-ingress_controller_ip() {
- local metal_ns
- metal_ns=$(kubectl get ns --no-headers --output=custom-columns=NAME:metadata.name |grep metallb-system)
- if [ -z $metal_ns ]; then
- echo $CLUSTER_IP
- else
- list_node_with_external_addrs
- fi
-}
-
-deploy() {
- local ingress_ip
- ingress_ip=$(ingress_controller_ip)
- initdir = $(pwd)
- cd $SPATH/bind9dns
- if [ $# -eq 0 ]; then
- local cl_domain
- cl_domain="simpledemo.onap.org"
- else
- local cl_domain
- cl_domain=$1
- shift
- fi
- if [ $# -ne 0 ]; then
- ingress_ip=$1
- shift
- fi
- helm install . --set dnsconf.wildcard="$cl_domain=$ingress_ip" $@
- cd $initdir
- target_machine_notice_info
-}
-
-if [ $# -eq 1 ] && [ "$1" = "-h" ]; then
- usage
-elif [ $# -eq 1 ] && [ "$1" = "--help" ]; then
- usage
-elif [ $# -eq 1 ] && [ "$1" = "--info" ]; then
- target_machine_notice_info
-else
- deploy $@
-fi
diff --git a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml
deleted file mode 100644
index d579333157..0000000000
--- a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml
+++ /dev/null
@@ -1,296 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- name: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-
----
-
-kind: ConfigMap
-apiVersion: v1
-data:
- enable-underscores-in-headers: "true"
-metadata:
- name: nginx-configuration
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-
----
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: tcp-services
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-
----
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: udp-services
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: nginx-ingress-serviceaccount
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-
----
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRole
-metadata:
- name: nginx-ingress-clusterrole
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- - endpoints
- - nodes
- - pods
- - secrets
- verbs:
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - apiGroups:
- - ""
- resources:
- - services
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
- - apiGroups:
- - "extensions"
- - "networking.k8s.io"
- resources:
- - ingresses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - "extensions"
- - "networking.k8s.io"
- resources:
- - ingresses/status
- verbs:
- - update
-
----
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: Role
-metadata:
- name: nginx-ingress-role
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- - pods
- - secrets
- - namespaces
- verbs:
- - get
- - apiGroups:
- - ""
- resources:
- - configmaps
- resourceNames:
- # Defaults to "<election-id>-<ingress-class>"
- # Here: "<ingress-controller-leader>-<nginx>"
- # This has to be adapted if you change either parameter
- # when launching the nginx-ingress-controller.
- - "ingress-controller-leader-nginx"
- verbs:
- - get
- - update
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - create
- - apiGroups:
- - ""
- resources:
- - endpoints
- verbs:
- - get
-
----
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: RoleBinding
-metadata:
- name: nginx-ingress-role-nisa-binding
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: nginx-ingress-role
-subjects:
- - kind: ServiceAccount
- name: nginx-ingress-serviceaccount
- namespace: ingress-nginx
-
----
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRoleBinding
-metadata:
- name: nginx-ingress-clusterrole-nisa-binding
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: nginx-ingress-clusterrole
-subjects:
- - kind: ServiceAccount
- name: nginx-ingress-serviceaccount
- namespace: ingress-nginx
-
----
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: nginx-ingress-controller
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
- template:
- metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
- annotations:
- prometheus.io/port: "10254"
- prometheus.io/scrape: "true"
- spec:
- serviceAccountName: nginx-ingress-serviceaccount
- containers:
- - name: nginx-ingress-controller
- image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.1
- args:
- - /nginx-ingress-controller
- - --configmap=$(POD_NAMESPACE)/nginx-configuration
- - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- - --publish-service=$(POD_NAMESPACE)/ingress-nginx
- - --annotations-prefix=nginx.ingress.kubernetes.io
- - --enable-ssl-passthrough=true
- securityContext:
- allowPrivilegeEscalation: true
- capabilities:
- drop:
- - ALL
- add:
- - NET_BIND_SERVICE
- # www-data -> 33
- runAsUser: 33
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- ports:
- - name: http
- containerPort: 80
- - name: https
- containerPort: 443
- livenessProbe:
- failureThreshold: 3
- httpGet:
- path: /healthz
- port: 10254
- scheme: HTTP
- initialDelaySeconds: 10
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 10
- readinessProbe:
- failureThreshold: 3
- httpGet:
- path: /healthz
- port: 10254
- scheme: HTTP
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 10
-
----
-
-apiVersion: v1
-kind: Service
-metadata:
- name: ingress-nginx
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-spec:
- type: NodePort
- ports:
- - name: http
- port: 80
- targetPort: 80
- protocol: TCP
- - name: https
- port: 443
- targetPort: 443
- protocol: TCP
- selector:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-
----
-
diff --git a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_enable_optional_load_balacer_service.yaml b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_enable_optional_load_balacer_service.yaml
deleted file mode 100644
index 57c0034775..0000000000
--- a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_enable_optional_load_balacer_service.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-kind: Service
-apiVersion: v1
-metadata:
- name: ingress-nginx
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
-spec:
- externalTrafficPolicy: Local
- type: LoadBalancer
- selector:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/part-of: ingress-nginx
- ports:
- - name: http
- port: 80
- targetPort: http
- - name: https
- port: 443
- targetPort: https
-
diff --git a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh
deleted file mode 100755
index 495d540905..0000000000
--- a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh
+++ /dev/null
@@ -1,92 +0,0 @@
-#!/bin/sh -e
-
-#
-# Copyright 2020 Samsung Electronics Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-usage()
-{
-cat << ==usage
-$0 Automatic configuration using external addresess from nodes
-$0 --help This message
-$0 -h This message
-$0 [cluster_ip1] ... [cluster_ipn] Cluster address or ip ranges
-==usage
-}
-
-
-find_nodes_with_external_addrs()
-{
- local WORKER_NODES
- WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}')
- for worker in $WORKER_NODES; do
- local external_ip
- external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }')
- local internal_ip
- internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }')
- if [ $internal_ip != $external_ip ]; then
- echo $external_ip
- fi
- done
-}
-
-generate_config_map()
-{
-cat <<CNFEOF | kubectl apply -f -
-apiVersion: v1
-kind: ConfigMap
-metadata:
- namespace: metallb-system
- name: config
-data:
- config: |
- address-pools:
- - name: default
- protocol: layer2
- addresses:
-$(for value in "$@"; do echo -e " - $value"; done)
-CNFEOF
-}
-
-generate_config_from_single_addr() {
- generate_config_map "$1 - $1"
-}
-
-install_metallb() {
- kubectl apply -f https://raw.githubusercontent.com/google/metallb/v0.9.3/manifests/namespace.yaml
- kubectl apply -f https://raw.githubusercontent.com/google/metallb/v0.9.3/manifests/metallb.yaml
- # Only when install
- kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
-}
-
-automatic_configuration() {
- install_metallb
- generate_config_from_single_addr $(find_nodes_with_external_addrs)
-}
-
-manual_configuration() {
- install_metallb
- generate_config_map $@
-}
-
-if [ $# -eq 1 ] && [ "$1" = "-h" ]; then
- usage
-if [ $# -eq 1 ] && [ "$1" = "--help" ]; then
- usage
-elif [ $# -eq 0 ]; then
- automatic_configuration
-else
- manual_configuration $@
-fi
diff --git a/kubernetes/contrib/tools/oomstat.py b/kubernetes/contrib/tools/oomstat.py
deleted file mode 100755
index 464290d3f6..0000000000
--- a/kubernetes/contrib/tools/oomstat.py
+++ /dev/null
@@ -1,256 +0,0 @@
-#!/usr/bin/env python
-
-#
-# Copyright (c) 2018 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-"""
-Provides utilities to display oom (sub)modules resources stats
-"""
-
-import os
-import sys
-import getopt
-from fnmatch import fnmatch as match
-import yaml
-
-def info(thing):
- if thing:
- sys.stderr.write("{}\n".format(thing))
-
-try:
- from tabulate import tabulate
-except ImportError as e:
- info("Warning: cannot import tabulate module (): {}".format(str(e)))
- def tabulate(lines, headers, tablefmt=None):
- ''' basic tabulate function '''
- fmt = ""
- nbco = len(headers)
- lenco = map(len, headers)
- for line in lines:
- for i in range(nbco):
- lenco[i] = max(lenco[i], len(str(line[i])))
-
- fmt = map(lambda n: "{{:<{}}}".format(n), map(lambda i: i+2, lenco))
- fmt = " ".join(fmt)
- sep = map(lambda x: '-'*(x+2), lenco)
-
- output = [fmt.format(*headers), fmt.format(*sep)]
- for line in lines:
- output.append(fmt.format(*line))
- return "\n".join(output)
-
-
-def values(root='.'):
- ''' Get the list of values.yaml files '''
- a = []
- for dirname, dirnames, filenames in os.walk(root):
- for filename in filenames:
- if filename == 'values.yaml':
- a.append((dirname, filename))
-
- if '.git' in dirnames:
- # don't go into any .git directories.
- dirnames.remove('.git')
- return a
-
-
-def keys(dic, prefix=None):
- ''' recursively traverse the specified dict to collect existing keys '''
- result = []
- if dic:
- for k, v in dic.items():
- if prefix:
- k = '.'.join((prefix, k))
- if isinstance(v, dict):
- result += keys(v, k)
- else:
- result.append(k)
- return result
-
-
-class Project:
- '''
- class to access to oom (sub)module (aka project) resources
- '''
-
- def __init__(self, dirname, filename):
- self.dirname = os.path.normpath(dirname)
- self.name = self.explicit()
- self.filename = os.path.join(dirname, filename)
- self.resources = None
- self.load()
-
- def load(self):
- ''' load resources from yaml description '''
- with open(self.filename, 'r') as istream:
- try:
- v = yaml.load(istream)
- if v:
- self.resources = v.get('resources', None)
- except Exception as e:
- print(e)
- raise
-
- def explicit(self):
- ''' return an explicit name for the project '''
- path = []
- head, name = os.path.split(self.dirname)
- if not name:
- return head
- while head:
- head, tail = os.path.split(head)
- if tail:
- path.append(tail)
- else:
- path.append(head)
- head = None
- path.reverse()
- index = path.index('charts') if 'charts' in path else None
- if index:
- name = os.path.join(path[index-1], name)
- return name
-
- def __contains__(self, key):
- params = self.resources
- if key:
- for k in key.split('.'):
- if params and k in params:
- params = params[k]
- else:
- return False
- return True
-
- def __getitem__(self, key):
- params = self.resources
- for k in key.split('.'):
- if k in params:
- params = params[k]
- if params != self.resources:
- return params
-
- def get(self, key, default="-"):
- """ mimic dict method """
- if key in self:
- return self[key]
- return default
-
- def keys(self):
- """ mimic dict method """
- return keys(self.resources)
-
-
-#
-#
-#
-
-def usage(status=None):
- """ usage doc """
- arg0 = os.path.basename(os.path.abspath(sys.argv[0]))
- print("""Usage: {} [options] <root-directory>""".format(arg0))
- print((
- "\n"
- "Options:\n"
- "-h, --help Show this help message and exit\n"
- "-t, --table <format> Use the specified format to display the result table.\n"
- " Valid formats are those from the python `tabulate'\n"
- " module. When not available, a basic builtin tabular\n"
- " function is used and this field has no effect\n"
- "-f, --fields Comma separated list of resources fields to display.\n"
- " You may use wildcard patterns, eg small.*. Implicit\n"
- " value is *, ie all available fields will be used\n"
- "Examples:\n"
- " # {0} /opt/oom/kubernetes\n"
- " # {0} -f small.\\* /opt/oom/kubernetes\n"
- " # {0} -f '*requests.*' -t fancy_grid /opt/oom/kubernetes\n"
- " # {0} -f small.requests.cpu,small.requests.memory /opt/oom/kubernetes\n"
- ).format(arg0))
- if status is not None:
- sys.exit(status)
-
-
-def getopts():
- """ read options from cmdline """
- opts, args = getopt.getopt(sys.argv[1:],
- "hf:t:",
- ["help", "fields=", "table="])
- if len(args) != 1:
- usage(1)
-
- root = args[0]
- table = None
- fields = ['*']
- patterns = []
-
- for opt, arg in opts:
- if opt in ("-h", '--help'):
- usage(0)
- elif opt in ("-f", "--fields"):
- fields = arg.split(',')
- elif opt in ("-t", "--table"):
- table = arg
-
- return root, table, fields, patterns
-
-
-def main():
- """ main """
- try:
- root, table, fields, patterns = getopts()
- except getopt.GetoptError as e:
- print("Error: {}".format(e))
- usage(1)
-
- if not os.path.isdir(root):
- info("Cannot open {}: Not a directory".format(root))
- return
-
- # find projects
- projects = []
- for dirname, filename in values(root):
- projects.append(Project(dirname, filename))
- if not projects:
- info("No projects found in {} directory".format(root))
- return
-
- # check if we want to use pattern matching (wildcard only)
- if fields and reduce(lambda x, y: x or y,
- map(lambda string: '*' in string, fields)):
- patterns = fields
- fields = []
-
- # if fields are not specified or patterns are used, discover available fields
- # and use them (sort for readability)
- if patterns or not fields:
- avail = sorted(set(reduce(lambda x, y: x+y,
- map(lambda p: p.keys(), projects))))
- if patterns:
- for pattern in patterns:
- fields += filter(lambda string: match(string, pattern), avail)
- else:
- fields = avail
-
- # collect values for each project
- results = map(lambda project: [project.name] + map(project.get,
- fields),
- projects)
-
- # and then print
- if results:
- headers = ['project'] + fields
- print(tabulate(sorted(results), headers, tablefmt=table))
-
-
-main()
diff --git a/kubernetes/contrib/tools/registry-initialize.sh b/kubernetes/contrib/tools/registry-initialize.sh
deleted file mode 100755
index 798f375509..0000000000
--- a/kubernetes/contrib/tools/registry-initialize.sh
+++ /dev/null
@@ -1,152 +0,0 @@
-#!/bin/sh -x
-
-# Copyright (c) 2021 AT&T. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Pre-requisite
-# 1. Chart packages available under local directory provided as input/argument
-# 2. helm client installed with push plugin
-# 3. ONAP chartmuseum service deployed
-
-usage()
-{
- echo "Chart Base directory or helm chart from local repo must be provided as input!!"
- echo "Usage: registry-initialize.sh -d chartdirectory \
-<-n namespace override> <-r helmrelease override> <-p chart name prefix> | <-h helm charts from local repo>"
- exit 1
-}
-
-if [ $# -eq 0 ]; then
- usage
-fi
-
-# defaults
-NAMESPACE=onap
-RLS_NAME=onap
-LOGIN=""
-PASSWORD=""
-PREF=""
-HELM_REPO=local
-
-while getopts ":d:n:r:p:h:c:" opt; do
- case $opt in
- d) BASEDIR="$OPTARG"
- ;;
- n) NAMESPACE="$OPTARG"
- ;;
- r) RLS_NAME="$OPTARG"
- ;;
- p) PREF="$OPTARG"
- ;;
- h) HELM_CHART="$OPTARG"
- ;;
- c) HELM_REPO="$OPTARG"
- ;;
- \?) echo "Invalid option -$OPTARG" >&2
- usage
- ;;
- esac
-done
-
-
-if [ -z "$BASEDIR" ] && [ -z "$HELM_CHART" ] ; then
- echo "Chart base directory provided $BASEDIR and helm chart from local repo is empty"
- exit
-fi
-
-if [ -n "$BASEDIR" ] && [ -n "$HELM_CHART" ] ; then
- echo "Both chart base directory $BASEDIR and helm chart from local repo $HELM_CHART cannot be used at the same time "
- exit
-fi
-
-if [ -n "$BASEDIR" ]; then
- if [ "$(find $BASEDIR -maxdepth 1 -name '*tgz' -print -quit)" ]; then
- echo "$BASEDIR valid"
- else
- echo "No chart package on $BASEDIR provided"
- exit
- fi
-fi
-
-if [ -n "$HELM_CHART" ]; then
- tmp_location=$(mktemp -d)
- helm pull $HELM_REPO/$HELM_CHART -d $tmp_location
- if [ $? -eq 0 ]; then
- echo "Helm chart $HELM_CHART has been pulled out from in $HELM_REPO repo"
- BASEDIR=$tmp_location
- else
- echo "No chart package $HELM_CHART on $HELM_REPO repo"
- exit
- fi
-fi
-
-if [ -z "$PREF" ] && [ -z "$HELM_CHART" ] ; then
- PREF=dcae
-fi
-
-LOGIN=$(kubectl -n "$NAMESPACE" get secret \
- "${RLS_NAME}-chartmuseum-registrycred" \
- -o jsonpath='{.data.login}' | base64 -d)
-
-PASSWORD=$(kubectl -n "$NAMESPACE" get secret \
- "${RLS_NAME}-chartmuseum-registrycred" \
- -o jsonpath='{.data.password}' | base64 -d)
-
-if [ -z "$LOGIN" ] || [ -z "$PASSWORD" ]; then
- echo "Login/Password credential for target registry cannot be retrieved"
- exit 1
-fi
-
-# Expose cluster port via port-forwarding
-kubectl -n $NAMESPACE port-forward service/chart-museum 27017:80 &
-if [ $? -ne 0 ]; then
- echo "Error in port forwarding; registry cannot be added!!"
- exit 1
-fi
-
-sleep 5
-
-# Add chartmuseum repo as helm repo
-# Credentials should match config defined in
-# oom\kubernetes\platform\components\chartmuseum\values.yaml
-helm repo add k8s-registry http://127.0.0.1:27017 --username "$LOGIN" \
- --password "$PASSWORD"
-if [ $? -ne 0 ]; then
- echo "registry cannot be added!!"
- pkill -f "port-forward service/chart-museum"
- exit 1
-fi
-
-# Initial scope is pushing only dcae charts
-# can be expanded to include all onap charts if required
-for file in $BASEDIR/$PREF*tgz; do
- # use helm plugin to push charts
- helm cm-push -f $file k8s-registry
- if [ $? -eq 0 ]; then
- echo "$file uploaded to registry successfully"
- else
- echo "registry upload failed!!"
- pkill -f "port-forward service/chart-museum"
- helm repo remove k8s-registry
- exit 1
- fi
-done
-
-echo "All Helm charts successfully uploaded into internal repository"
-
-# Remove the port-forwarding process
-pkill -f "port-forward service/chart-museum"
-
-# Remove helm registry from local
-helm repo remove k8s-registry
diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh
deleted file mode 100755
index a8938a96ee..0000000000
--- a/kubernetes/contrib/tools/rke/rke_setup.sh
+++ /dev/null
@@ -1,353 +0,0 @@
-#!/bin/sh
-
-#############################################################################
-# Copyright © 2019 Bell.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#############################################################################
-#
-# This installation is for an RKE install of kubernetes
-# after this run the standard oom install
-# this installation can be run on any ubuntu 16.04/18.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host
-# https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment
-# source from https://jira.onap.org/browse/OOM-1598
-#
-# master/dublin
-# RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06
-# 20190428 RKE 0.2.1, Kubernetes 1.13.5, kubectl 1.13.5, Helm 2.12.3, Docker 18.09.5
-# single node install, HA pending
-
-usage() {
-cat <<EOF
-Usage: $0 [PARAMs]
-example
-sudo ./rke_setup.sh -b master -s rke.onap.cloud -e onap -l amdocs -v true
--u : Display usage
--b [branch] : branch = master or dublin (required)
--s [server] : server = IP or DNS name (required)
--e [environment] : use the default (onap)
--k [key] : ssh key name
--l [username] : login username account (use ubuntu for example)
-EOF
-}
-
-install_onap() {
- #constants
- PORT=8880
- KUBERNETES_VERSION=
- RKE_VERSION=0.2.1
- KUBECTL_VERSION=1.13.5
- HELM_VERSION=2.12.3
- DOCKER_VERSION=18.09
-
- # copy your private ssh key and cluster.yml file to the vm
- # on your dev machine
- #sudo cp ~/.ssh/onap_rsa .
- #sudo chmod 777 onap_rsa
- #scp onap_rsa ubuntu@192.168.241.132:~/
- # on this vm
- #sudo chmod 400 onap_rsa
- #sudo cp onap_rsa ~/.ssh
- # make sure public key is insetup correctly in
- # sudo vi ~/.ssh/authorized_keys
-
- echo "please supply your ssh key as provided by the -k keyname - it must be be chmod 400 and chown user:user in ~/.ssh/"
- echo "The RKE version specific cluster.yaml is already integrated in this script for 0.2.1 no need for below generation..."
- echo "rke config --name cluster.yml"
- echo "specifically"
- echo "address: $SERVER"
- echo "user: $USERNAME"
- echo "ssh_key_path: $SSHPATH_PREFIX/$SSHKEY"
-
- RKETOOLS=
- HYPERCUBE=
- POD_INFRA_CONTAINER=
- RKETOOLS=0.1.27
- HYPERCUBE=1.13.5-rancher1
- POD_INFRA_CONTAINER=rancher/pause:3.1
-
- cat > cluster.yml <<EOF
-# generated from rke_setup.sh
-nodes:
-- address: $SERVER
- port: "22"
- internal_address: ""
- role:
- - controlplane
- - worker
- - etcd
- hostname_override: ""
- user: $USERNAME
- docker_socket: /var/run/docker.sock
- ssh_key: ""
- ssh_key_path: $SSHPATH_PREFIX/$SSHKEY
- ssh_cert: ""
- ssh_cert_path: ""
- labels: {}
-services:
- etcd:
- image: ""
- extra_args: {}
- extra_binds: []
- extra_env: []
- external_urls: []
- ca_cert: ""
- cert: ""
- key: ""
- path: ""
- snapshot: null
- retention: ""
- creation: ""
- backup_config: null
- kube-api:
- image: ""
- extra_args: {}
- extra_binds: []
- extra_env: []
- service_cluster_ip_range: 10.43.0.0/16
- service_node_port_range: ""
- pod_security_policy: false
- always_pull_images: false
- kube-controller:
- image: ""
- extra_args: {}
- extra_binds: []
- extra_env: []
- cluster_cidr: 10.42.0.0/16
- service_cluster_ip_range: 10.43.0.0/16
- scheduler:
- image: ""
- extra_args: {}
- extra_binds: []
- extra_env: []
- kubelet:
- image: ""
- extra_args:
- max-pods: 900
- extra_binds: []
- extra_env: []
- cluster_domain: cluster.local
- infra_container_image: ""
- cluster_dns_server: 10.43.0.10
- fail_swap_on: false
- kubeproxy:
- image: ""
- extra_args: {}
- extra_binds: []
- extra_env: []
-network:
- plugin: canal
- options: {}
-authentication:
- strategy: x509
- sans: []
- webhook: null
-system_images:
- etcd: rancher/coreos-etcd:v3.2.24-rancher1
- alpine: rancher/rke-tools:v$RKETOOLS
- nginx_proxy: rancher/rke-tools:v$RKETOOLS
- cert_downloader: rancher/rke-tools:v$RKETOOLS
- kubernetes_services_sidecar: rancher/rke-tools:v$RKETOOLS
- kubedns: rancher/k8s-dns-kube-dns:1.15.0
- dnsmasq: rancher/k8s-dns-dnsmasq-nanny:1.15.0
- kubedns_sidecar: rancher/k8s-dns-sidecar:1.15.0
- kubedns_autoscaler: rancher/cluster-proportional-autoscaler:1.0.0
- kubernetes: rancher/hyperkube:v$HYPERCUBE
- flannel: rancher/coreos-flannel:v0.10.0-rancher1
- flannel_cni: rancher/flannel-cni:v0.3.0-rancher1
- calico_node: rancher/calico-node:v3.4.0
- calico_cni: rancher/calico-cni:v3.4.0
- calico_controllers: ""
- calico_ctl: rancher/calico-ctl:v2.0.0
- canal_node: rancher/calico-node:v3.4.0
- canal_cni: rancher/calico-cni:v3.4.0
- canal_flannel: rancher/coreos-flannel:v0.10.0
- wave_node: weaveworks/weave-kube:2.5.0
- weave_cni: weaveworks/weave-npc:2.5.0
- pod_infra_container: $POD_INFRA_CONTAINER
- ingress: rancher/nginx-ingress-controller:0.21.0-rancher3
- ingress_backend: rancher/nginx-ingress-controller-defaultbackend:1.4-rancher1
- metrics_server: rancher/metrics-server:v0.3.1
-ssh_key_path: $SSHPATH
-ssh_cert_path: ""
-ssh_agent_auth: false
-authorization:
- mode: rbac
- options: {}
-ignore_docker_version: false
-kubernetes_version: "$KUBERNETES_VERSION"
-private_registries: []
-ingress:
- provider: ""
- options: {}
- node_selector: {}
- extra_args: {}
-cluster_name: ""
-cloud_provider:
- name: ""
-prefix_path: ""
-addon_job_timeout: 0
-bastion_host:
- address: ""
- port: ""
- user: ""
- ssh_key: ""
- ssh_key_path: ""
- ssh_cert: ""
- ssh_cert_path: ""
-monitoring:
- provider: ""
- options: {}
-restore:
- restore: false
- snapshot_name: ""
-dns: null
-EOF
-
-
-
- echo "Installing on ${SERVER} for ${BRANCH}: RKE: ${RKE_VERSION} Kubectl: ${KUBECTL_VERSION} Helm: ${HELM_VERSION} Docker: ${DOCKER_VERSION} username: ${USERNAME}"
- sudo echo "127.0.0.1 ${SERVER}" >> /etc/hosts
- echo "Install docker - If you must install as non-root - comment out the docker install below - run it separately, run the user mod, logout/login and continue this script"
- curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh
- sudo usermod -aG docker $USERNAME
-
- echo "Install RKE"
- sudo wget https://github.com/rancher/rke/releases/download/v$RKE_VERSION/rke_linux-amd64
- mv rke_linux-amd64 rke
- sudo chmod +x rke
- sudo mv ./rke /usr/local/bin/rke
-
- echo "Install make - required for beijing+ - installed via yum groupinstall Development Tools in RHEL"
- # ubuntu specific
- sudo apt-get install make -y
-
- sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl
- sudo chmod +x ./kubectl
- sudo mv ./kubectl /usr/local/bin/kubectl
- sudo mkdir ~/.kube
- wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz
- sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz
- sudo mv linux-amd64/helm /usr/local/bin/helm
-
- echo "Bringing RKE up - using supplied cluster.yml"
- sudo rke up
- echo "wait 2 extra min for the cluster"
- sleep 60
- echo "1 more min"
- sleep 60
- echo "copy kube_config_cluter.yaml generated - to ~/.kube/config"
- sudo cp kube_config_cluster.yml ~/.kube/config
- # avoid using sudo for kubectl
- sudo chmod 777 ~/.kube/config
- echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added"
- echo "kubectl get pods --all-namespaces"
- kubectl get pods --all-namespaces
- echo "install tiller/helm"
- kubectl -n kube-system create serviceaccount tiller
- kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
- helm init --service-account tiller
- kubectl -n kube-system rollout status deploy/tiller-deploy
- echo "upgrade server side of helm in kubernetes"
- if [ "$USERNAME" = "root" ]; then
- helm version
- else
- sudo helm version
- fi
- echo "sleep 30"
- sleep 30
- if [ "$USERNAME" = "root" ]; then
- helm init --upgrade
- else
- sudo helm init --upgrade
- fi
- echo "sleep 30"
- sleep 30
- echo "verify both versions are the same below"
- if [ "$USERNAME" = "root" ]; then
- helm version
- else
- sudo helm version
- fi
- echo "start helm server"
- if [ "$USERNAME" = "root" ]; then
- helm serve &
- else
- sudo helm serve &
- fi
- echo "sleep 30"
- sleep 30
- echo "add local helm repo"
- if [ "$USERNAME" = "root" ]; then
- helm repo add local http://127.0.0.1:8879
- helm repo list
- else
- sudo helm repo add local http://127.0.0.1:8879
- sudo helm repo list
- fi
- echo "To enable grafana dashboard - do this after running cd.sh which brings up onap - or you may get a 302xx port conflict"
- echo "kubectl expose -n kube-system deployment monitoring-grafana --type=LoadBalancer --name monitoring-grafana-client"
- echo "to get the nodeport for a specific VM running grafana"
- echo "kubectl get services --all-namespaces | grep graf"
- sudo docker version
- helm version
- kubectl version
- kubectl get services --all-namespaces
- kubectl get pods --all-namespaces
- echo "finished!"
-}
-
-BRANCH=
-SERVER=
-ENVIRON=
-VALIDATE=false
-USERNAME=ubuntu
-SSHPATH_PREFIX=~/.ssh
-
-while getopts ":b:s:e:u:l:k:v" PARAM; do
- case $PARAM in
- u)
- usage
- exit 1
- ;;
- b)
- BRANCH=${OPTARG}
- ;;
- e)
- ENVIRON=${OPTARG}
- ;;
- s)
- SERVER=${OPTARG}
- ;;
- l)
- USERNAME=${OPTARG}
- ;;
- k)
- SSHKEY=${OPTARG}
- ;;
- v)
- VALIDATE=${OPTARG}
- ;;
- ?)
- usage
- exit
- ;;
- esac
-done
-
-if [ -z $BRANCH ]; then
- usage
- exit 1
-fi
-
-install_onap $BRANCH $SERVER $ENVIRON $USERNAME $SSHPATH_PREFIX $SSHKEY $VALIDATE
diff --git a/kubernetes/contrib/values.yaml b/kubernetes/contrib/values.yaml
deleted file mode 100644
index 8a44934d8f..0000000000
--- a/kubernetes/contrib/values.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright © 2019 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global:
- cmpv2Enabled: true
-
-awx:
- enabled: true
-netbox:
- enabled: true
diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pvc.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/authorizationpolicy.yaml
index 1c7f6ffe4a..7158c0263f 100644
--- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pvc.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/templates/authorizationpolicy.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright 2018 Intel Corporation, Inc
+# Copyright © 2023 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,4 +14,4 @@
# limitations under the License.
*/}}
-{{ include "common.PVC" . }}
+{{ include "common.authorizationPolicy" . }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
index 7c6b3e9649..ee21e10109 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
@@ -125,6 +125,14 @@ ingress:
config:
ssl: "redirect"
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: dcae-pm-mapper-read
+ - serviceAccount: message-router-read
+ - serviceAccount: istio-ingress
+ namespace: istio-ingress
+
# Data Router Publisher Credentials
drPubscriberCreds:
username: username
diff --git a/kubernetes/contrib/components/ejbca/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/authorizationpolicy.yaml
index 837da0959b..7158c0263f 100644
--- a/kubernetes/contrib/components/ejbca/templates/secret.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/templates/authorizationpolicy.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2020, Nordix Foundation
+# Copyright © 2023 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,4 +14,4 @@
# limitations under the License.
*/}}
-{{ include "common.secretFast" . }}
+{{ include "common.authorizationPolicy" . }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml
index 06ff279207..31a24e82b9 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/values.yaml
@@ -67,6 +67,10 @@ service:
port: 8088
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals: []
+
# Initial Application Configuration
applicationConfig:
FEEDER_ADDR: dl-feeder
diff --git a/kubernetes/contrib/components/ejbca/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/authorizationpolicy.yaml
index 46eed4264c..7158c0263f 100644
--- a/kubernetes/contrib/components/ejbca/templates/service.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/templates/authorizationpolicy.yaml
@@ -1,5 +1,5 @@
{{/*
-# Copyright © 2020, Nordix Foundation
+# Copyright © 2023 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,4 +14,4 @@
# limitations under the License.
*/}}
-{{ include "common.service" . }}
+{{ include "common.authorizationPolicy" . }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml
index 9049e0a03c..12617e1405 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/values.yaml
@@ -78,6 +78,10 @@ service:
port: 1681
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals: []
+
#postgres configuration
postgres:
config:
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..30d173c2d8
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/templates/authorizationpolicy.yaml
@@ -0,0 +1,136 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "primary" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "replica" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
index 552e00cfbd..8c3fb48264 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml
@@ -80,6 +80,15 @@ service:
port: 1680
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: dcae-datalake-admin-ui-read
+ - serviceAccount: dcae-datalake-des-read
+ authorizedPrincipalsPostgres:
+ - serviceAccount: dcae-datalake-des-read
+ - serviceAccount: dcae-datalake-feeder-read
+
credentials:
- name: PG_USER
uid: *pgUserCredsSecretUid
diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..30d173c2d8
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/templates/authorizationpolicy.yaml
@@ -0,0 +1,136 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "primary" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "replica" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
index cc33dd144b..b7b6fe0562 100644
--- a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml
@@ -81,6 +81,13 @@ service:
port: 10002
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+ authorizedPrincipalsPostgres:
+ - serviceAccount: dcae-heartbeat-read
+
credentials:
- name: HEARTBEAT_PG_USERNAME
uid: *pgUserCredsSecretUid
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index ab6d3f247c..9e123e1298 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -115,6 +115,12 @@ ingress:
config:
ssl: "redirect"
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: istio-ingress
+ namespace: istio-ingress
+
# initial application configuration
applicationConfig:
logLevel: INFO
diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml
index b47d717cbe..d665c3534a 100644
--- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml
@@ -3,6 +3,7 @@
# Copyright (c) 2021 Wipro Limited.
# Modifications Copyright © 2021 Orange
# Modifications Copyright © 2021 Nordix Foundation
+# Modifications Copyright © 2023 Deutsche Telekom AG.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -18,7 +19,7 @@
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Kohn"
+appVersion: "London"
description: DCAE KPI MS chart
name: dcae-kpi-ms
version: 12.0.0
diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
index db85cfd045..a0a6fb9611 100644
--- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml
@@ -2,6 +2,7 @@
# ============================================================================
# Copyright (C) 2021-2022 Wipro Limited.
# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
+# Copyright (c) 2023 Deutsche Telekom AG. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -35,7 +36,7 @@ filebeatConfig:
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.components.kpi-ms:1.0.11
+image: onap/org.onap.dcaegen2.services.components.kpi-ms:1.2.1
pullPolicy: Always
# Log directory where logging sidecar should look for log files
@@ -75,6 +76,11 @@ service:
port: 8080
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
# Initial Application Configuration
applicationConfig:
trust_store_path: '/opt/app/kpims/etc/cert/trust.jks'
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
index 3b47e7f70e..71a2d95eb0 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
@@ -31,6 +31,10 @@ service:
- port: 8080
name: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals: []
+
# Label on DCAE microservice deployments
# (Used by healthcheck code to find deployments
# created after initial DCAE installation)
diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
index 0c90e3ae87..6081d354db 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
@@ -86,6 +86,11 @@ service:
plain_port: 8081
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
# Data Router Subscriber Credentials
drSubscriberCreds:
username: username
diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..30d173c2d8
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/authorizationpolicy.yaml
@@ -0,0 +1,136 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "primary" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "replica" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
index f6782db6c6..90d7e16485 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml
@@ -82,6 +82,13 @@ service:
plain_port: 8080
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+ authorizedPrincipalsPostgres:
+ - serviceAccount: dcae-pmsh-read
+
# Initial Application Configuration
applicationConfig:
enable_tls: false
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
index 9a274153f2..a2cce37529 100644
--- a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
@@ -73,6 +73,11 @@ service:
- port: 8100
name: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
aaiCreds:
user: AAI
password: AAI
diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
index bed8f9cb3d..0a9203b908 100644
--- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml
@@ -93,6 +93,12 @@ ingress:
config:
ssl: "redirect"
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: istio-ingress
+ namespace: istio-ingress
+
# AAF Credentials
controllerCreds:
username: access
diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml
index ed555b28a2..c3f5af9a90 100644
--- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml
@@ -3,6 +3,7 @@
# Copyright (c) 2021 Wipro Limited.
# Modifications Copyright © 2021 Orange
# Modifications Copyright © 2021 Nordix Foundation
+# Modifications Copyright © 2023 Deutsche Telekom AG.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -18,7 +19,7 @@
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Kohn"
+appVersion: "London"
description: DCAE SliceAnalysis MS charts
name: dcae-slice-analysis-ms
version: 12.0.0
diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..30d173c2d8
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/authorizationpolicy.yaml
@@ -0,0 +1,136 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "primary" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "replica" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
index e57c781ed5..6eda4836e6 100644
--- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml
@@ -3,6 +3,7 @@
# Copyright (C) 2021-2022 Wipro Limited.
# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# Copyright (C) 2022 Huawei Canada Limited.
+# Copyright (c) 2023 Deutsche Telekom AG. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -49,7 +50,7 @@ secrets:
#################################################################
# Application Image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.5
+image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.2.1
pullPolicy: IfNotPresent
#################################################################
@@ -99,6 +100,13 @@ service:
port: 8080
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+ authorizedPrincipalsPostgres:
+ - serviceAccount: dcae-slice-analysis-ms-read
+
credentials:
- name: PG_USERNAME
uid: *pgUserCredsSecretUid
diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
index 5c888db790..01d4316d46 100644
--- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml
@@ -69,6 +69,10 @@ service:
nodePort: 70
useNodePortExt: true
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals: []
+
# Initial Application Configuration
applicationConfig:
StormWatchPolicy: ''
diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..30d173c2d8
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/templates/authorizationpolicy.yaml
@@ -0,0 +1,136 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "primary" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- $dot := default . .dot -}}
+{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}}
+{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}}
+{{- $defaultOperationPorts := list "5432" -}}
+{{- $relName := include "common.release" . -}}
+{{- $postgresName := $dot.Values.postgres.service.name -}}
+{{- $pgHost := "replica" -}}
+{{- if (include "common.useAuthorizationPolicies" .) }}
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ $postgresName }}-{{ $pgHost }}
+ action: ALLOW
+ rules:
+{{- if $authorizedPrincipalsPostgres }}
+{{- range $principal := $authorizedPrincipalsPostgres }}
+ - from:
+ - source:
+ principals:
+{{- $namespace := default "onap" $principal.namespace -}}
+{{- if eq "onap" $namespace }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}"
+{{- else }}
+ - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}"
+{{- end }}
+ to:
+ - operation:
+ ports:
+{{- range $port := $defaultOperationPorts }}
+ - "{{ $port }}"
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
index 037c5866e2..8eb55b4ed1 100644
--- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
@@ -94,6 +94,13 @@ service:
port: 8080
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+ authorizedPrincipalsPostgres:
+ - serviceAccount: dcae-son-handler-read
+
# Credentials
cpsCreds:
identity: cps
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
index fcdcb525c5..191a5b1a7d 100644
--- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
@@ -74,6 +74,11 @@ service:
- port: 9091
name: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
# mongoDB overrides
mongo:
nameOverride: dcae-mongo
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
index 526d75077c..06eaba67fa 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@ -111,6 +111,12 @@ ingress:
config:
ssl: "redirect"
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: istio-ingress
+ namespace: istio-ingress
+
# application environments
applicationEnv:
CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml'
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
index ff1f7481e0..79581ad3fb 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml
@@ -60,6 +60,11 @@ service:
port: 80
port_protocol: http
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
# application environments
applicationEnv:
LOG4J_FORMAT_MSG_NO_LOOKUPS: 'true'
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/authorizationpolicy.yaml
new file mode 100644
index 0000000000..5a9baa822f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/templates/authorizationpolicy.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.authorizationPolicy" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
index 2327ac310b..7a80433a70 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml
@@ -27,6 +27,10 @@ service:
- name: &port http
port: *svc_port
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals: []
+
schemaMap:
filename: "schema-map.json"
directory: "/app/mappings"
diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh
index 347c7689e4..9d7ffd7d06 100755
--- a/kubernetes/helm/plugins/deploy/deploy.sh
+++ b/kubernetes/helm/plugins/deploy/deploy.sh
@@ -51,8 +51,8 @@ generate_overrides() {
END=${SUBCHART_NAMES[index+1]}
if [ "$START" = "global:" ]; then
echo "global:" > $GLOBAL_OVERRIDES
- cat $COMPUTED_OVERRIDES | sed '/common:/,/consul:/d' \
- | sed -n '/^'"$START"'/,/'log:'/p' | sed '1d;$d' >> $GLOBAL_OVERRIDES
+ cat $COMPUTED_OVERRIDES | sed -n '/^'"$START"'/,/'"$END"'/p' \
+ | sed '1d;$d' >> $GLOBAL_OVERRIDES
else
SUBCHART_DIR="$CACHE_SUBCHART_DIR/$(echo "$START" |cut -d':' -f1)"
if [ -d "$SUBCHART_DIR" ]; then
diff --git a/kubernetes/log/.helmignore b/kubernetes/log/.helmignore
deleted file mode 100644
index 7ddbad7ef4..0000000000
--- a/kubernetes/log/.helmignore
+++ /dev/null
@@ -1,22 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-components/
diff --git a/kubernetes/log/Chart.yaml b/kubernetes/log/Chart.yaml
deleted file mode 100644
index 16df2f8953..0000000000
--- a/kubernetes/log/Chart.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Logging ElasticStack
-name: log
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: log-elasticsearch
- version: ~12.x-0
- repository: 'file://components/log-elasticsearch'
- - name: log-kibana
- version: ~12.x-0
- repository: 'file://components/log-kibana'
- - name: log-logstash
- version: ~12.x-0
- repository: 'file://components/log-logstash'
diff --git a/kubernetes/log/Makefile b/kubernetes/log/Makefile
deleted file mode 100644
index eea1b7aefb..0000000000
--- a/kubernetes/log/Makefile
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts docker
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/log/components/Makefile b/kubernetes/log/components/Makefile
deleted file mode 100644
index f09e21e75c..0000000000
--- a/kubernetes/log/components/Makefile
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/log/components/log-elasticsearch/Chart.yaml b/kubernetes/log/components/log-elasticsearch/Chart.yaml
deleted file mode 100644
index fad4c67e45..0000000000
--- a/kubernetes/log/components/log-elasticsearch/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Logging Elasticsearch
-name: log-elasticsearch
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/log/components/log-elasticsearch/resources/config/elasticsearch.yml b/kubernetes/log/components/log-elasticsearch/resources/config/elasticsearch.yml
deleted file mode 100644
index d39fc97e0d..0000000000
--- a/kubernetes/log/components/log-elasticsearch/resources/config/elasticsearch.yml
+++ /dev/null
@@ -1,146 +0,0 @@
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ======================== Elasticsearch Configuration =========================
-#
-# NOTE: Elasticsearch comes with reasonable defaults for most settings.
-# Before you set out to tweak and tune the configuration, make sure you
-# understand what are you trying to accomplish and the consequences.
-#
-# The primary way of configuring a node is via this file. This template lists
-# the most important settings you may want to configure for a production cluster.
-#
-# Please consult the documentation for further information on configuration options:
-# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
-#
-# ---------------------------------- Cluster -----------------------------------
-#
-# Name of the Elasticsearch cluster.
-# A node can only join a cluster when it shares its cluster.name with all the other nodes in the cluster.
-# The default name is elasticsearch, but you should change it to an appropriate name which describes the
-# purpose of the cluster.
-#
-cluster.name: "onap-log"
-#
-# The port that other nodes in the cluster should use when communicating with this node.
-# Required for Elasticsearch's nodes running on different cluster nodes.
-# More : https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html
-#transport.publish_port:$transport.publish_port
-#
-# The host address to publish for nodes in the cluster to connect to.
-# Required for Elasticsearch's nodes running on different cluster nodes.
-# More : https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html
-#transport.publish_host:$transport.publish_host
-#
-# ------------------------------------ Node ------------------------------------
-#
-# It is better to provide different meaningfull names fot different elastic nodes.
-# By default, Elasticsearch will take the 7 first character of the randomly generated uuid used as the node id.
-# Note that the node id is persisted and does not change when a node restarts
-#
-#node.name: $node.name
-#
-# Add custom attributes to the node:
-#
-#node.attr.rack: r1
-#
-# ----------------------------------- Paths ------------------------------------
-#
-# The location of the data files of each index / shard allocated on the node. Can hold multiple locations separated by coma.
-# In production, we should not keep this default to "/elasticsearch/data", as on upgrading Elasticsearch, directory structure
-# may change & can deal to data loss.
-path.data: /usr/share/elasticsearch/data
-#
-# Elasticsearch's log files location. In production, we should not keep this default to "/elasticsearch/logs",
-# as on upgrading Elasticsearch, directory structure may change.
-path.logs: /usr/share/elasticsearch/logs
-#
-# ----------------------------------- Memory -----------------------------------
-#
-# It is vitally important to the health of your node that none of the JVM is ever swapped out to disk.
-# Lock the memory on startup.
-#
-bootstrap.memory_lock: false
-#
-# Make sure that the heap size is set to about half the memory available
-# on the system and that the owner of the process is allowed to use this
-# limit.
-#
-# Elasticsearch performs poorly when the system is swapping the memory.
-#
-# ---------------------------------- Network -----------------------------------
-#
-# Set the bind address to a specific IP (IPv4 or IPv6):
-# In order to communicate and to form a cluster with nodes on other servers, your node will need to bind to a
-# non-loopback address.
-network.host: 0.0.0.0
-#
-# Set a custom port for HTTP: If required, default is 9200-9300
-#
-#http.port: $http.port
-#
-# For more information, consult the network module documentation.
-#
-# --------------------------------- Discovery ----------------------------------
-#
-# Pass an initial list of hosts to perform discovery when new node is started
-# To form a cluster with nodes on other servers, you have to provide a seed list of other nodes in the cluster
-# that are likely to be live and contactable.
-# By default, Elasticsearch will bind to the available loopback addresses and will scan ports 9300 to 9305 to try
-# to connect to other nodes running on the same server.
-#
-#$discovery.zen.ping.unicast.hosts
-#
-# This setting tells Elasticsearch to not elect a master unless there are enough master-eligible nodes
-# available. Only then will an election take place.
-# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
-discovery.zen.minimum_master_nodes: 1
-#
-# For more information, consult the zen discovery module documentation.
-#
-# ---------------------------------- Gateway -----------------------------------
-#
-# Block initial recovery after a full cluster restart until N nodes are started:
-#
-#gateway.recover_after_nodes: 3
-#
-# For more information, consult the gateway module documentation.
-#
-# ---------------------------------- Various -----------------------------------
-#
-# Require explicit names when deleting indices:
-#
-#action.destructive_requires_name: true
-# Set a custom port for HTTP: If required, default is 9200-9300
-# This is used for REST APIs
-http.port: {{.Values.service.externalPort}}
-# Port to bind for communication between nodes. Accepts a single value or a range.
-# If a range is specified, the node will bind to the first available port in the range.
-# Defaults to 9300-9400.
-# More info:
-transport.tcp.port: {{.Values.service.externalPort2}}
-
-xpack.graph.enabled: false
-#Set to false to disable X-Pack graph features.
-
-xpack.ml.enabled: false
-#Set to false to disable X-Pack machine learning features.
-
-xpack.monitoring.enabled: false
-#Set to false to disable X-Pack monitoring features.
-
-xpack.security.enabled: false
-#Set to false to disable X-Pack security features.
-
-xpack.watcher.enabled: false
-#Set to false to disable Watcher.
diff --git a/kubernetes/log/components/log-elasticsearch/templates/NOTES.txt b/kubernetes/log/components/log-elasticsearch/templates/NOTES.txt
deleted file mode 100644
index ab908cd309..0000000000
--- a/kubernetes/log/components/log-elasticsearch/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/log/components/log-elasticsearch/templates/configmap.yaml b/kubernetes/log/components/log-elasticsearch/templates/configmap.yaml
deleted file mode 100644
index fe0349ede9..0000000000
--- a/kubernetes/log/components/log-elasticsearch/templates/configmap.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml b/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml
deleted file mode 100644
index 3e815ca860..0000000000
--- a/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml
+++ /dev/null
@@ -1,114 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - command:
- - /bin/sh
- - -c
- - |
- sysctl -w vm.max_map_count=262144
- mkdir -p /logroot/elasticsearch/logs
- mkdir -p /logroot/elasticsearch/data
- chmod -R 777 /logroot/elasticsearch
- chown -R root:root /logroot
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- securityContext:
- privileged: true
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: init-sysctl
- volumeMounts:
- - name: {{ include "common.fullname" . }}-logs
- mountPath: /logroot/
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- resources: {{ include "common.resources" . | nindent 12 }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- - containerPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.name2 }}
-# disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort2 }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
- name: {{ include "common.fullname" . }}-config
- subPath: elasticsearch.yml
- - mountPath: /usr/share/elasticsearch/data/
- name: {{ include "common.fullname" . }}-data
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-config
- configMap:
- name: {{ include "common.fullname" . }}-configmap
- items:
- - key: elasticsearch.yml
- path: elasticsearch.yml
- - name: {{ include "common.fullname" . }}-data
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- - name: {{ include "common.fullname" . }}-logs
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPathLogs }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/log/components/log-elasticsearch/templates/ingress.yaml b/kubernetes/log/components/log-elasticsearch/templates/ingress.yaml
deleted file mode 100644
index 8f87c68f1e..0000000000
--- a/kubernetes/log/components/log-elasticsearch/templates/ingress.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "common.ingress" . }}
diff --git a/kubernetes/log/components/log-elasticsearch/templates/pv.yaml b/kubernetes/log/components/log-elasticsearch/templates/pv.yaml
deleted file mode 100644
index 9d4093db11..0000000000
--- a/kubernetes/log/components/log-elasticsearch/templates/pv.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
diff --git a/kubernetes/log/components/log-elasticsearch/templates/pvc.yaml b/kubernetes/log/components/log-elasticsearch/templates/pvc.yaml
deleted file mode 100644
index 6ae4eea0d3..0000000000
--- a/kubernetes/log/components/log-elasticsearch/templates/pvc.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- end -}}
diff --git a/kubernetes/log/components/log-elasticsearch/templates/service.yaml b/kubernetes/log/components/log-elasticsearch/templates/service.yaml
deleted file mode 100644
index 7736f0c9d7..0000000000
--- a/kubernetes/log/components/log-elasticsearch/templates/service.yaml
+++ /dev/null
@@ -1,70 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name2 }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type2 }}
- ports:
- {{if eq .Values.service.type2 "NodePort" -}}
- - port: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.name2 }}
- {{- else -}}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.name2 }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/log/components/log-elasticsearch/values.yaml b/kubernetes/log/components/log-elasticsearch/values.yaml
deleted file mode 100644
index 74cf4ed8c2..0000000000
--- a/kubernetes/log/components/log-elasticsearch/values.yaml
+++ /dev/null
@@ -1,116 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-# application image
-image: elasticsearch/elasticsearch:5.5.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-config: {}
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 120
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 120
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- accessMode: ReadWriteOnce
- size: 1Gi
- mountPath: /dockerdata-nfs
- mountSubPath: log/elasticsearch/data
- mountSubPathLogs: log
-
-service:
- type: NodePort
- name: log-es
- externalPort: 9200
- internalPort: 9200
- nodePort: 54
- type2: ClusterIP
- name2: log-es-tcp
- externalPort2: 9300
- internalPort2: 9300
-
-ingress:
- enabled: false
- service:
- - baseaddr: "log-es-api"
- name: "log-es"
- port: 9200
- config:
- ssl: "none"
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 4Gi
- requests:
- cpu: 1
- memory: 2Gi
- large:
- limits:
- cpu: 2
- memory: 8Gi
- requests:
- cpu: 1
- memory: 4Gi
- unlimited: {}
diff --git a/kubernetes/log/components/log-kibana/Chart.yaml b/kubernetes/log/components/log-kibana/Chart.yaml
deleted file mode 100644
index fc557127ba..0000000000
--- a/kubernetes/log/components/log-kibana/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Logging Kibana
-name: log-kibana
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/log/components/log-kibana/resources/config/README.txt b/kubernetes/log/components/log-kibana/resources/config/README.txt
deleted file mode 100644
index 2863c1d5e5..0000000000
--- a/kubernetes/log/components/log-kibana/resources/config/README.txt
+++ /dev/null
@@ -1 +0,0 @@
-"kibana-onboarding.json" file contains initial setup of Kibana obtained using Elasticdump tool. \ No newline at end of file
diff --git a/kubernetes/log/components/log-kibana/resources/config/kibana-onboarding.json b/kubernetes/log/components/log-kibana/resources/config/kibana-onboarding.json
deleted file mode 100644
index e69de29bb2..0000000000
--- a/kubernetes/log/components/log-kibana/resources/config/kibana-onboarding.json
+++ /dev/null
diff --git a/kubernetes/log/components/log-kibana/resources/config/kibana.yml b/kubernetes/log/components/log-kibana/resources/config/kibana.yml
deleted file mode 100644
index 377f3c7b65..0000000000
--- a/kubernetes/log/components/log-kibana/resources/config/kibana.yml
+++ /dev/null
@@ -1,129 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-xpack.graph.enabled: false
-#Set to false to disable X-Pack graph features.
-xpack.ml.enabled: false
-#Set to false to disable X-Pack machine learning features.
-xpack.monitoring.enabled: false
-#Set to false to disable X-Pack monitoring features.
-xpack.reporting.enabled: false
-#Set to false to disable X-Pack reporting features.
-xpack.security.enabled: false
-#Set to false to disable X-Pack security features.
-xpack.watcher.enabled: false
-#Set to false to disable Watcher.
-# Kibana is served by a back end server. This setting specifies the port to use.
-server.port: {{.Values.service.externalPort}}
-
-# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
-# The default is 'localhost', which usually means remote machines will not be able to connect.
-# To allow connections from remote users, set this parameter to a non-loopback address.
-server.host: "0"
-
-# Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects
-# the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests
-# to Kibana. This setting cannot end in a slash.
-#server.basePath: ""
-
-# The maximum payload size in bytes for incoming server requests.
-#server.maxPayloadBytes: 1048576
-
-# The Kibana server's name. This is used for display purposes.
-server.name: "Kibana"
-
-# The URL of the Elasticsearch instance to use for all your queries.
-elasticsearch.url: "http://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}:{{.Values.config.elasticsearchPort}}"
-# When this setting's value is true Kibana uses the hostname specified in the server.host
-# setting. When the value of this setting is false, Kibana uses the hostname of the host
-# that connects to this Kibana instance.
-#elasticsearch.preserveHost: true
-
-# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
-# dashboards. Kibana creates a new index if the index doesn't already exist.
-#kibana.index: ".kibana"
-
-# The default application to load.
-#kibana.defaultAppId: "discover"
-
-# If your Elasticsearch is protected with basic authentication, these settings provide
-# the username and password that the Kibana server uses to perform maintenance on the Kibana
-# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
-# is proxied through the Kibana server.
-elasticsearch.username: "elastic"
-elasticsearch.password: "changeme"
-# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
-# These settings enable SSL for outgoing requests from the Kibana server to the browser.
-#server.ssl.enabled: $server_ssl_enabled
-#server.ssl.certificate: $server_ssl_certificate
-#server.ssl.key: $server_ssl_key
-
-# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
-# These files validate that your Elasticsearch backend uses the same key files.
-#elasticsearch.ssl.certificate: $elasticsearch_ssl_certificate
-#elasticsearch.ssl.key: $elasticsearch_ssl_key
-
-# Optional setting that enables you to specify a path to the PEM file for the certificate
-# authority for your Elasticsearch instance.
-#elasticsearch.ssl.certificateAuthorities: $elasticsearch_ssl_certificateAuthorities
-
-# To disregard the validity of SSL certificates, change this setting's value to 'none'.
-#elasticsearch.ssl.verificationMode: $elasticsearch_ssl_verificationMode
-
-# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
-# the elasticsearch.requestTimeout setting.
-#elasticsearch.pingTimeout: 1500
-
-# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
-# must be a positive integer.
-#elasticsearch.requestTimeout: 30000
-
-# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
-# headers, set this value to [] (an empty list).
-#elasticsearch.requestHeadersWhitelist: [ authorization ]
-
-# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
-# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
-#elasticsearch.customHeaders: {}
-
-# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
-#elasticsearch.shardTimeout: 0
-
-# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.
-#elasticsearch.startupTimeout: 5000
-
-# Specifies the path where Kibana creates the process ID file.
-#pid.file: /var/run/kibana.pid
-
-# Enables you specify a file where Kibana stores log output.
-#logging.dest: stdout
-
-# Set the value of this setting to true to suppress all logging output.
-#logging.silent: false
-
-# Set the value of this setting to true to suppress all logging output other than error messages.
-#logging.quiet: false
-
-# Set the value of this setting to true to log all events, including system usage information
-# and all requests.
-#logging.verbose: false
-
-# Set the interval in milliseconds to sample system and process performance
-# metrics. Minimum is 100ms. Defaults to 5000.
-#ops.interval: 5000
-
-# The default locale. This locale can be used in certain circumstances to substitute any missing
-# translations.
-#i18n.defaultLocale: "en"
diff --git a/kubernetes/log/components/log-kibana/templates/NOTES.txt b/kubernetes/log/components/log-kibana/templates/NOTES.txt
deleted file mode 100644
index f115eb6f23..0000000000
--- a/kubernetes/log/components/log-kibana/templates/NOTES.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/log/components/log-kibana/templates/configmap.yaml b/kubernetes/log/components/log-kibana/templates/configmap.yaml
deleted file mode 100644
index 3e98246df1..0000000000
--- a/kubernetes/log/components/log-kibana/templates/configmap.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/log/components/log-kibana/templates/deployment.yaml b/kubernetes/log/components/log-kibana/templates/deployment.yaml
deleted file mode 100644
index 604b0383a8..0000000000
--- a/kubernetes/log/components/log-kibana/templates/deployment.yaml
+++ /dev/null
@@ -1,116 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - command:
- - /app/ready.py
- args:
- - --container-name
- - log-elasticsearch
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- - args:
- - --input=/config/kibana-onboarding.json
- - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/.kibana
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.elasticdumpImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-elasticdump
- volumeMounts:
- - mountPath: /config/kibana-onboarding.json
- name: {{ include "common.fullname" . }}
- subPath: kibana-onboarding.json
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- resources: {{ include "common.resources" . | nindent 12 }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- readinessProbe:
- httpGet:
- path: "/"
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
-# disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- httpGet:
- path: "/"
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{ end -}}
- env:
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /usr/share/kibana/config/
- name: {{ include "common.fullname" . }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}
- configMap:
- name: {{ include "common.fullname" . }}
- items:
- - key: kibana.yml
- path: kibana.yml
- - key: kibana-onboarding.json
- path: kibana-onboarding.json
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/log/components/log-kibana/templates/ingress.yaml b/kubernetes/log/components/log-kibana/templates/ingress.yaml
deleted file mode 100644
index 8f87c68f1e..0000000000
--- a/kubernetes/log/components/log-kibana/templates/ingress.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "common.ingress" . }}
diff --git a/kubernetes/log/components/log-kibana/templates/service.yaml b/kubernetes/log/components/log-kibana/templates/service.yaml
deleted file mode 100644
index c53dc03368..0000000000
--- a/kubernetes/log/components/log-kibana/templates/service.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/log/components/log-kibana/values.yaml b/kubernetes/log/components/log-kibana/values.yaml
deleted file mode 100644
index 276bfea3b7..0000000000
--- a/kubernetes/log/components/log-kibana/values.yaml
+++ /dev/null
@@ -1,100 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-# Elasticdump image
-elasticdumpImage: taskrabbit/elasticsearch-dump
-
-# application image
-image: kibana/kibana:5.5.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config:
- elasticsearchServiceName: log-es
- elasticsearchPort: 9200
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 300
- periodSeconds: 10
- timeoutSeconds: 1
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 300
- periodSeconds: 10
- timeoutSeconds: 1
-
-service:
- #Example service definition with external, internal and node ports.
- #Services may use any combination of ports depending on the 'type' of
- #service being defined.
- type: NodePort
- name: log-kibana
- externalPort: 5601
- internalPort: 5601
- nodePort: 53
-
-ingress:
- enabled: false
- service:
- - baseaddr: "log-kibana-ui"
- name: "log-kibana"
- port: 5601
- config:
- ssl: "none"
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 2
- memory: 4Gi
- requests:
- cpu: 1
- memory: 2Gi
- large:
- limits:
- cpu: 4
- memory: 8Gi
- requests:
- cpu: 2
- memory: 4Gi
- unlimited: {}
diff --git a/kubernetes/log/components/log-logstash/Chart.yaml b/kubernetes/log/components/log-logstash/Chart.yaml
deleted file mode 100644
index 0c51886c82..0000000000
--- a/kubernetes/log/components/log-logstash/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Logging Logstash
-name: log-logstash
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/log/components/log-logstash/resources/config/logstash.yml b/kubernetes/log/components/log-logstash/resources/config/logstash.yml
deleted file mode 100644
index 7c3bd8f851..0000000000
--- a/kubernetes/log/components/log-logstash/resources/config/logstash.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-http.host: "0.0.0.0"
-pipeline.workers: 3
-## Path where pipeline configurations reside
-path.config: /usr/share/logstash/pipeline
-
-## Type of queue : memeory based or file based
-#queue.type: persisted
-## Size of queue
-#queue.max_bytes: 1024mb
-## Setting true makes logstash check periodically for change in pipeline configurations
-config.reload.automatic: true
-
-## xpack configurations
-#xpack.monitoring.elasticsearch.url: ["http://10.247.186.12:9200", "http://10.247.186.13:9200"]
-#xpack.monitoring.elasticsearch.username: elastic
-#xpack.monitoring.elasticsearch.password: changeme
-xpack.monitoring.enabled: false
diff --git a/kubernetes/log/components/log-logstash/resources/config/onap-pipeline.conf b/kubernetes/log/components/log-logstash/resources/config/onap-pipeline.conf
deleted file mode 100644
index b224bf3173..0000000000
--- a/kubernetes/log/components/log-logstash/resources/config/onap-pipeline.conf
+++ /dev/null
@@ -1,276 +0,0 @@
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-input {
- beats {
-
- ## Add a id to plugin configuration. Can be anything unique.
- id => 'beats_plugin'
-
- ######## Connection configurations ########
-
- ## The port to listen on.
- port => {{.Values.service.externalPort}}
-
- ## Close Idle clients after the specified time in seconds. Default is 60 seconds
- #client_inactivity_timeout => 60
-
- ######## Security configurations ########
-
- ## Enable encryption. Default false.
- #ssl => $filebeat_ssl
-
- ## ssl certificate path.
- #ssl_certificate => $filebeat_ssl_certificate
-
- ## SSL key to use.
- #ssl_key => $filebeat_ssl_key
-
- ##SSL key passphrase to use.
- #ssl_key_passphrase => $filebeat_ssl_key_passphrase
-
- ## Value can be any of: none, peer, force_peer.
- #ssl_verify_mode => $filebeat_ssl_verify_mode
-
- ## Time in milliseconds for an incomplete ssl handshake to timeout. Default is 10000 ms.
- #ssl_handshake_timeout => 10000
- include_codec_tag => false
- }
-}
-
-
-filter {
- grok {
- break_on_match => false
- match => {
- "source" => ["/var/log/onap/(?<componentName>[^/]+)/",
- "/var/log/onap/%{GREEDYDATA:componentLogFile}"
- ]
- }
- }
-
- # Filter for log4j xml events
- if "</log4j:event>" in [message] {
-
- #mutate { add_field => { "orgmsg_log4j" => "%{message}" } } # Copy of orginal msg for debug
-
- #Filter to parse xml event and retrieve data
- xml {
- source => "message"
- store_xml => false
- remove_namespaces => true
- target => "xml_content"
- xpath => [ "/event/message/text()", "logmsg" ,
- "/event/@logger", "Logger",
- "/event/@timestamp", "Timestamp",
- "/event/@level", "loglevel",
- "/event/@thread", "Thread",
- "/event/throwable/text()", "Exceptionthrowable",
- "/event/NDC/text()", "NDCs",
- "/event/properties/data/@name","mdcname",
- "/event/properties/data/@value","mdcvalue"]
-
- }
-
- #Ruby filter to iterate and separate MDCs into documents
- ruby {
- code => '
- $i = 0
- $num = 0
- if event.get("[mdcname]")
- $num = event.get("[mdcname]").length
- end
- if $num != 0
- until $i > $num do
- if event.get("[mdcname]").at($i) and event.get("[mdcvalue]").at($i)
- event.set(event.get("[mdcname]").at($i), event.get("[mdcvalue]").at($i))
- end
- $i=$i+1
- end
- end
- '
- }
-
- #Validations
- if [Exceptionthrowable]
- {
- mutate {
- replace => {
- "exceptionmessage" => "%{[Exceptionthrowable]}"
- }
- }
- }
-
- if [NDCs]
- {
- mutate {
- replace => {
- "NDC" => "%{[NDCs]}"
- }
- }
- }
-
- mutate {
- replace => {
- "Logger" =>"%{[Logger]}"
- "logmsg" =>"%{[logmsg]}"
- "Timestamp" =>"%{[Timestamp]}"
- "loglevel" =>"%{[loglevel]}"
- "message" => "%{logmsg}"
- "Thread" => "%{[Thread]}"
- }
- remove_field => ["mdcname", "mdcvalue", "logmsg","Exceptionthrowable","NDCs"]
- }
-
- if [Timestamp]
- {
- date {
- match => ["Timestamp", "UNIX_MS"]
- target => "Timestamp"
- }
- }
- }
- # Filter for logback events
- else {
-
- #mutate { add_field => { "orgmsg" => "%{message}" } } # Copy of orginal msg for debug
-
- mutate {
- gsub => [
- 'message', ' = ', '=',
- 'message', '= ', '=null',
- 'message', '=\t', '=null\t', #This null is followed by a tab
- 'message', '\t$', '\t'
- ]
- }
- # The grok below parses the message field for all current logback patterns used by oom components.
- # Example logback pattern: %d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}|%X{RequestId}|%msg
- # Example grok pattern: %{TIMESTAMP_ISO8601:Timestamp}\|%{UUID:RequestId}\|%{GREEDYDATA:message}
- # Use the following command to find all logback patterns in oom directory: find oom -name "logback*xml" -exec grep "property.*attern.*value" {} \;|sort|uniq
- grok {
- match => {
- "message" => [
- "%{TIMESTAMP_ISO8601:Timestamp}\\t[%{GREEDYDATA:Thread}]\\t%{GREEDYDATA:loglevel}\\t%{JAVACLASS:Logger}\\t%{GREEDYDATA:MDCs}\\t%{GREEDYDATA:message}",
- "%{TIMESTAMP_ISO8601:BeginTimestamp}\|%{TIMESTAMP_ISO8601:EndTimestamp}\|%{UUID:RequestId}\|%{GREEDYDATA:ServiceInstanceId}\|%{GREEDYDATA:Thread}\|%{GREEDYDATA:Unknown1}\|%{GREEDYDATA:ServiceName}\|%{GREEDYDATA:PartnerName}\|%{GREEDYDATA:TargetEntity}\|%{GREEDYDATA:TargetServiceName}\|%{GREEDYDATA:StatusCode}\|%{GREEDYDATA:ResponseCode}\|%{GREEDYDATA:ResponseDesc}\|%{UUID:InstanceUUID}\|%{GREEDYDATA:loglevel}\|%{GREEDYDATA:AlertSeverity}\|%{IP:ServerIPAddress}\|%{GREEDYDATA:Timer}\|%{HOSTNAME:ServerFQDN}\|%{IPORHOST:RemoteHost}\|%{GREEDYDATA:Unknown2}\|%{GREEDYDATA:Unknown3}\|%{GREEDYDATA:Unknown4}\|%{GREEDYDATA:TargetVirtualEntity}\|%{GREEDYDATA:Unknown5}\|%{GREEDYDATA:Unknown6}\|%{GREEDYDATA:Unknown7}\|%{GREEDYDATA:Unknown8}\|%{GREEDYDATA:message}",
- "%{TIMESTAMP_ISO8601:BeginTimestamp}\|%{TIMESTAMP_ISO8601:EndTimestamp}\|%{UUID:RequestId}\|%{GREEDYDATA:ServiceInstanceId}\|%{GREEDYDATA:Thread}\|%{GREEDYDATA:Unknown1}\|%{GREEDYDATA:ServiceName}\|%{GREEDYDATA:PartnerName}\|%{GREEDYDATA:StatusCode}\|%{GREEDYDATA:ResponseCode}\|%{GREEDYDATA:ResponseDesc}\|%{UUID:InstanceUUID}\|%{GREEDYDATA:loglevel}\|%{GREEDYDATA:AlertSeverity}\|%{IP:ServerIPAddress}\|%{GREEDYDATA:Timer}\|%{HOSTNAME:ServerFQDN}\|%{IPORHOST:RemoteHost}\|%{GREEDYDATA:Unknown2}\|%{GREEDYDATA:Unknown3}\|%{GREEDYDATA:Unknown4}\|%{GREEDYDATA:Unknown5}\|%{GREEDYDATA:Unknown6}\|%{GREEDYDATA:Unknown7}\|%{GREEDYDATA:Unknown8}\|%{GREEDYDATA:message}",
- "%{TIMESTAMP_ISO8601:Timestamp}\|%{UUID:RequestId}\|%{GREEDYDATA:ServiceInstanceId}\|%{GREEDYDATA:Thread}\|%{GREEDYDATA:ServiceName}\|%{UUID:InstanceUUID}\|%{GREEDYDATA:loglevel}\|%{GREEDYDATA:AlertSeverity}\|%{IP:ServerIPAddress}\|%{HOSTNAME:ServerFQDN}\|%{IPORHOST:RemoteHost}\|%{GREEDYDATA:Timer}\|\[%{GREEDYDATA:caller}\]\|%{GREEDYDATA:message}",
- "%{TIMESTAMP_ISO8601:Timestamp}\|%{GREEDYDATA:RequestId}\|%{GREEDYDATA:Thread}\|%{GREEDYDATA:ServiceName}\|%{GREEDYDATA:PartnerName}\|%{GREEDYDATA:TargetEntity}\|%{GREEDYDATA:TargetServiceName}\|%{GREEDYDATA:loglevel}\|%{GREEDYDATA:ErrorCode}\|%{GREEDYDATA:ErrorDesc}\|%{GREEDYDATA:message}",
- "%{TIMESTAMP_ISO8601:Timestamp}\|%{GREEDYDATA:RequestId}\|%{GREEDYDATA:Thread}\|%{GREEDYDATA:ClassName}\|%{GREEDYDATA:message}",
- "%{TIMESTAMP_ISO8601:Timestamp}\|%{UUID:RequestId}\|%{GREEDYDATA:message}",
- "\[%{TIMESTAMP_ISO8601:Timestamp}\|%{LOGLEVEL:loglevel}\|%{GREEDYDATA:Logger}\|%{GREEDYDATA:Thread}\] %{GREEDYDATA:message}"
- ]
- }
- overwrite => ["message"]
- }
- # The MDCs are key value pairs that are seperated by "," or "\t". Extra space characters are trimmed from the keys and values.
- kv {
- source => "MDCs"
- field_split => ",\t"
- trim_key => "\s"
- trim_value => "\s"
- remove_field => [ "MDCs" ]
- }
-
- if (![Timestamp] and [EndTimestamp]) {
- mutate { add_field => { "Timestamp" => "%{EndTimestamp}" } }
- }
- date {
- match => [ "Timestamp", "ISO8601", "yyyy-MM-dd HH:mm:ss,SSS" ]
- target => "Timestamp"
- }
-
- mutate {
- remove_field => ["DuplicateRequestID", "Unknown1", "Unknown2", "Unknown3", "Unknown4", "Unknown5", "Unknown6", "Unknown7", "Unknown8"]
- }
-
- if ([source] == "/var/log/onap/sdc/sdc-be/audit.log") {
- #Parse kvps in message
- kv {
- field_split => "\s"
- trim_key => "\s"
- trim_value => "\s"
- }
-
- #If Request Id is missing and DID is present use as RequestId
- if (![RequestId] and [DID] =~ /.+/) {
- mutate { add_field => { "RequestId" => "%{DID}" } }
- }
- }
-
- } #Close else statement for logback events
-} #Close filter
-
-
-output {
- elasticsearch {
- id => 'onap_es'
-
- ######### Security configurations #########
-
- user => "elastic"
- password => "changeme"
-
- ## The .cer or .pem file to validate the server's certificate
- #cacert => $es_cacert
-
- ## The keystore used to present a certificate to the server. It can be either .jks or .p12
- #keystore => $es_keystore
- #keystore_password => $es_keystore_password
-
- ## Enable SSL/TLS secured communication to Elasticsearch cluster.
- ## Default is not set which in that case depends on the protocol specidfied in hosts list
- #ssl => $es_ssl
-
- ## Option to validate the server's certificate. Default is true
- #ssl_certificate_verification => $es_ssl_certificate_verification
-
- ## The JKS truststore to validate the server's certificate.
- #truststore => $es_truststore
- #truststore_password => $es_truststore_password
-
-
- ######### Elasticsearchcluster and host configurations #########
-
- ##can specify one or a list of hosts. If sniffing is set, one is enough and others will be auto-discovered
- hosts => ["http://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}:{{.Values.config.elasticsearchPort}}"]
-
-
- ## This setting asks Elasticsearch for the list of all cluster nodes and adds them to the hosts list. Default is false.
- sniffing => true
-
- ## How long to wait, in seconds, between sniffing attempts. Default is 5 seconds.
- #sniffing_delay => 5
-
- ## Set the address of a forward HTTP proxy.
- #proxy => $es_proxy
-
- ##Use this if you must run Elasticsearch behind a proxy that remaps the root path for the Elasticsearch HTTP API lives
- #path => $es_path
-
- ######### Elasticsearch request configurations #########
-
- ## This setting defines the maximum sized bulk request Logstash will make.
- #flush_size => ?
-
- ######### Document configurations #########
-
- index => "logstash-%{+YYYY.MM.dd}"
- document_type => "logs"
-
- ## This can be used to associate child documents with a parent using the parent ID.
- #parent => "abcd'
- }
-}
-
diff --git a/kubernetes/log/components/log-logstash/templates/NOTES.txt b/kubernetes/log/components/log-logstash/templates/NOTES.txt
deleted file mode 100644
index f115eb6f23..0000000000
--- a/kubernetes/log/components/log-logstash/templates/NOTES.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/log/components/log-logstash/templates/configmap.yaml b/kubernetes/log/components/log-logstash/templates/configmap.yaml
deleted file mode 100644
index 3e98246df1..0000000000
--- a/kubernetes/log/components/log-logstash/templates/configmap.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/log/components/log-logstash/templates/deployment.yaml b/kubernetes/log/components/log-logstash/templates/deployment.yaml
deleted file mode 100644
index 5d359dcd80..0000000000
--- a/kubernetes/log/components/log-logstash/templates/deployment.yaml
+++ /dev/null
@@ -1,104 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - command:
- - /app/ready.py
- args:
- - --container-name
- - log-elasticsearch
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.elasticRepository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- resources: {{ include "common.resources" . | nindent 12 }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- - containerPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.name2 }}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
-# disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- env:
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /usr/share/logstash/config/
- name: {{ include "common.fullname" . }}-config
- - mountPath: /usr/share/logstash/pipeline/
- name: {{ include "common.fullname" . }}-pipeline
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-config
- configMap:
- name: {{ include "common.fullname" . }}
- items:
- - key: logstash.yml
- path: logstash.yml
- - name: {{ include "common.fullname" . }}-pipeline
- configMap:
- name: {{ include "common.fullname" . }}
- items:
- - key: onap-pipeline.conf
- path: onap-pipeline.conf
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/log/components/log-logstash/templates/ingress.yaml b/kubernetes/log/components/log-logstash/templates/ingress.yaml
deleted file mode 100644
index 8f87c68f1e..0000000000
--- a/kubernetes/log/components/log-logstash/templates/ingress.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "common.ingress" . }}
diff --git a/kubernetes/log/components/log-logstash/templates/service.yaml b/kubernetes/log/components/log-logstash/templates/service.yaml
deleted file mode 100644
index 7736f0c9d7..0000000000
--- a/kubernetes/log/components/log-logstash/templates/service.yaml
+++ /dev/null
@@ -1,70 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name2 }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type2 }}
- ports:
- {{if eq .Values.service.type2 "NodePort" -}}
- - port: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.name2 }}
- {{- else -}}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.name2 }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/log/components/log-logstash/values.yaml b/kubernetes/log/components/log-logstash/values.yaml
deleted file mode 100644
index 0ffb32aa68..0000000000
--- a/kubernetes/log/components/log-logstash/values.yaml
+++ /dev/null
@@ -1,102 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-# application image
-image: logstash/logstash:5.4.3
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config:
- elasticsearchServiceName: log-es
- elasticsearchPort: 9200
-
-# default number of instances
-# 30+ logs/sec will saturate a single node to 6+ vCores
-replicaCount: 3
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 120
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- #Example service definition with external, internal and node ports.
- #Services may use any combination of ports depending on the 'type' of
- #service being defined.
- type: NodePort
- name: log-ls
- externalPort: 5044
- internalPort: 5044
- nodePort: 55
- type2: ClusterIP
- name2: log-ls-http
- externalPort2: 9600
- internalPort2: 9600
-ingress:
- enabled: false
- service:
- - baseaddr: "log-ls-api"
- name: "log-ls"
- port: 5044
- - baseaddr: "log-ls-http-api"
- name: "log-ls"
- port: 9600
- config:
- ssl: "none"
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 2Gi
- requests:
- cpu: 0.5
- memory: 1Gi
- large:
- limits:
- cpu: 2
- memory: 4Gi
- requests:
- cpu: 2
- memory: 4Gi
- unlimited: {}
diff --git a/kubernetes/log/values.yaml b/kubernetes/log/values.yaml
deleted file mode 100644
index ddcf5235cd..0000000000
--- a/kubernetes/log/values.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml
index 6b66357a03..d69db344e8 100644
--- a/kubernetes/onap/Chart.yaml
+++ b/kubernetes/onap/Chart.yaml
@@ -25,10 +25,6 @@ icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?
kubeVersion: ">=1.19.11-0"
dependencies:
- - name: aaf
- version: ~12.x-0
- repository: '@local'
- condition: aaf.enabled
- name: aai
version: ~12.x-0
repository: '@local'
@@ -48,14 +44,6 @@ dependencies:
- name: common
version: ~12.x-0
repository: '@local'
- - name: consul
- version: ~12.x-0
- repository: '@local'
- condition: consul.enabled
- - name: contrib
- version: ~12.x-0
- repository: '@local'
- condition: global.addTestingComponents
- name: cps
version: ~12.x-0
repository: '@local'
@@ -72,14 +60,6 @@ dependencies:
version: ~12.x-0
repository: '@local'
condition: dmaap.enabled
- - name: log
- version: ~12.x-0
- repository: '@local'
- condition: log.enabled
- - name: sniro-emulator
- version: ~12.x-0
- repository: '@local'
- condition: sniro-emulator.enabled
- name: mariadb-galera
version: ~12.x-0
repository: '@local'
@@ -100,10 +80,6 @@ dependencies:
version: ~12.x-0
repository: '@local'
condition: policy.enabled
- - name: portal
- version: ~12.x-0
- repository: '@local'
- condition: portal.enabled
- name: postgres
version: ~12.x-0
repository: '@local'
diff --git a/kubernetes/onap/resources/environments/core-onap.yaml b/kubernetes/onap/resources/environments/core-onap.yaml
index 974e28ad12..87c27f743b 100644
--- a/kubernetes/onap/resources/environments/core-onap.yaml
+++ b/kubernetes/onap/resources/environments/core-onap.yaml
@@ -52,19 +52,11 @@ aai:
replicas: 1
aai-cassandra:
replicaCount: 1
-aaf:
- enabled: false
cassandra:
enabled: true
replicaCount: 3
-clamp:
- enabled: false
cli:
enabled: false
-consul:
- enabled: false
-contrib:
- enabled: false
cps:
enabled: false
dcaegen2-services:
@@ -81,8 +73,6 @@ dmaap:
enabled: false
dmaap-dr-node:
enabled: false
-log:
- enabled: false
mariadb-galera:
enabled: true
msb:
@@ -95,10 +85,6 @@ oof:
enabled: false
policy:
enabled: false
-pomba:
- enabled: false
-portal:
- enabled: false
robot:
enabled: false
sdc:
@@ -121,8 +107,6 @@ sdc:
heapNewSize: "256M"
sdnc:
enabled: true
-sniro-emulator:
- enabled: false
so:
enabled: true
config:
diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml
index 6d7db14d30..49221bf183 100644
--- a/kubernetes/onap/resources/environments/dev.yaml
+++ b/kubernetes/onap/resources/environments/dev.yaml
@@ -52,8 +52,6 @@ global:
# Enable/disable and configure helm charts (ie. applications)
# to customize the ONAP deployment.
#################################################################
-aaf:
- enabled: false
aai:
enabled: false
aai-cassandra:
@@ -65,10 +63,6 @@ clamp:
enabled: false
cli:
enabled: false
-consul:
- enabled: false
-contrib:
- enabled: false
cps:
enabled: false
dcaegen2-services:
@@ -77,12 +71,6 @@ holmes:
enabled: false
dmaap:
enabled: false
-log:
- enabled: false
- log-logstash:
- replicaCount: 1
-sniro-emulator:
- enabled: false
oof:
enabled: false
mariadb-galera:
@@ -95,10 +83,6 @@ nbi:
enabled: false
policy:
enabled: false
-pomba:
- enabled: false
-portal:
- enabled: false
robot:
enabled: true
sdc:
diff --git a/kubernetes/onap/resources/environments/disable-allcharts.yaml b/kubernetes/onap/resources/environments/disable-allcharts.yaml
index 40490460af..0c925e3993 100644
--- a/kubernetes/onap/resources/environments/disable-allcharts.yaml
+++ b/kubernetes/onap/resources/environments/disable-allcharts.yaml
@@ -25,20 +25,12 @@
# Enable/disable and configure helm charts (ie. applications)
# to customize the ONAP deployment.
#################################################################
-aaf:
- enabled: false
aai:
enabled: false
cassandra:
enabled: false
-clamp:
- enabled: false
cli:
enabled: false
-consul:
- enabled: false
-contrib:
- enabled: false
cps:
enabled: false
dcaegen2-services:
@@ -47,10 +39,6 @@ holmes:
enabled: false
dmaap:
enabled: false
-log:
- enabled: false
-sniro-emulator:
- enabled: false
mariadb-galera:
enabled: false
msb:
@@ -63,10 +51,6 @@ oof:
enabled: false
policy:
enabled: false
-pomba:
- enabled: false
-portal:
- enabled: false
robot:
enabled: false
sdc:
diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml
index 842eb07e00..e581ddc8c4 100644
--- a/kubernetes/onap/resources/environments/minimal-onap.yaml
+++ b/kubernetes/onap/resources/environments/minimal-onap.yaml
@@ -21,7 +21,6 @@
# Minimal resources are also reviewed for the various containers
# A&AI: no override => to be fixed
# DMAAP: no override
-# Portal: new values
# Robot: new values
# SO: no override
# SDC: new values
@@ -46,19 +45,11 @@ aai:
replicas: 1
aai-cassandra:
replicaCount: 1
-aaf:
- enabled: false
cassandra:
enabled: true
replicaCount: 1
-clamp:
- enabled: false
cli:
enabled: false
-consul:
- enabled: false
-contrib:
- enabled: false
cps:
enabled: false
dcaegen2-services:
@@ -75,8 +66,6 @@ dmaap:
enabled: false
dmaap-dr-node:
enabled: false
-log:
- enabled: false
mariadb-galera:
enabled: true
msb:
@@ -89,49 +78,6 @@ oof:
enabled: false
policy:
enabled: false
-pomba:
- enabled: false
-portal:
- enabled: true
- portal-cassandra:
- config:
- cassandraJvmOpts: "-Xmx512m -Xms256m"
- resources:
- small:
- limits:
- cpu: 1
- memory: 2Gi
- requests:
- cpu: 100m
- memory: 1Gi
- portal-app:
- resources:
- small:
- limits:
- cpu: 1
- memory: 2Gi
- requests:
- cpu: 100m
- memory: 1Gi
- resources:
- portal-mariaddb:
- resources:
- small:
- limits:
- cpu: 800m
- memory: 1Gi
- requests:
- cpu: 100m
- memory: 500Mi
- portal-widget:
- resources:
- small:
- limits:
- cpu: 1
- memory: 2Gi
- requests:
- cpu: 100m
- memory: 500Mi
robot:
enabled: true
config:
@@ -164,8 +110,6 @@ sdc:
heapNewSize: "256M"
sdnc:
enabled: true
-sniro-emulator:
- enabled: false
so:
enabled: true
config:
diff --git a/kubernetes/onap/resources/environments/public-cloud.yaml b/kubernetes/onap/resources/environments/public-cloud.yaml
index 90714a46d5..74ce637d52 100644
--- a/kubernetes/onap/resources/environments/public-cloud.yaml
+++ b/kubernetes/onap/resources/environments/public-cloud.yaml
@@ -24,27 +24,6 @@
# deploy ONAP. This increase in timeouts prevents restarting of
# the pods thereby the components will be deployed without error.
#################################################################
-aaf:
- aaf-cs:
- liveness:
- initialDelaySeconds: 240
- readiness:
- initialDelaySeconds: 240
- aaf-gui:
- liveness:
- initialDelaySeconds: 120
- readiness:
- initialDelaySeconds: 120
- aaf-oauth:
- liveness:
- initialDelaySeconds: 300
- readiness:
- initialDelaySeconds: 300
- aaf-service:
- liveness:
- initialDelaySeconds: 300
- readiness:
- initialDelaySeconds: 300
aai:
aai-champ:
liveness:
@@ -56,11 +35,6 @@ cassandra:
initialDelaySeconds: 120
readiness:
initialDelaySeconds: 120
-clamp:
- liveness:
- initialDelaySeconds: 60
- readiness:
- initialDelaySeconds: 60
holmes:
holmes-rule-mgmt:
liveness:
@@ -93,13 +67,6 @@ dmaap:
initialDelaySeconds: 120
readiness:
initialDelaySeconds: 120
-
-portal:
- portal-app:
- liveness:
- initialDelaySeconds: 60
- readiness:
- initialDelaySeconds: 60
sdc:
sdc-fe:
liveness:
diff --git a/kubernetes/onap/resources/overrides/environment.yaml b/kubernetes/onap/resources/overrides/environment.yaml
index c22a3eee30..468aab8c18 100644
--- a/kubernetes/onap/resources/overrides/environment.yaml
+++ b/kubernetes/onap/resources/overrides/environment.yaml
@@ -32,27 +32,6 @@
# large value may not fix all installation issues on over subscribed hardware.
#
#################################################################
-aaf:
- aaf-cs:
- liveness:
- initialDelaySeconds: 240
- readiness:
- initialDelaySeconds: 240
- aaf-gui:
- liveness:
- initialDelaySeconds: 120
- readiness:
- initialDelaySeconds: 120
- aaf-oauth:
- liveness:
- initialDelaySeconds: 300
- readiness:
- initialDelaySeconds: 300
- aaf-service:
- liveness:
- initialDelaySeconds: 300
- readiness:
- initialDelaySeconds: 300
aai:
liveness:
initialDelaySeconds: 120
@@ -82,16 +61,6 @@ cassandra:
readiness:
timeoutSeconds: 30
periodSeconds: 60
-clamp:
- liveness:
- initialDelaySeconds: 60
- readiness:
- initialDelaySeconds: 60
- clamp-mariadb:
- liveness:
- initialDelaySeconds: 30
- readiness:
- initialDelaySeconds: 30
holmes:
holmes-rule-mgmt:
liveness:
@@ -145,17 +114,6 @@ oof:
periodSeconds: 120
readiness:
periodSeconds: 60
-portal:
- portal-app:
- liveness:
- initialDelaySeconds: 60
- readiness:
- initialDelaySeconds: 60
- portal-cassandra:
- liveness:
- periodSeconds: 120
- readiness:
- periodSeconds: 60
sdc:
sdc-fe:
liveness:
diff --git a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
index c89ffa1467..9cfd3703b8 100644
--- a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
+++ b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
@@ -68,22 +68,14 @@ global:
# Enable/disable and configure helm charts (ie. applications)
# to customize the ONAP deployment.
#################################################################
-aaf:
- enabled: true
aai:
enabled: true
cassandra:
enabled: true
cds:
enabled: true
-clamp:
- enabled: false
cli:
enabled: false
-consul:
- enabled: false
-contrib:
- enabled: false
cps:
enabled: false
dcaegen2-services:
@@ -100,10 +92,6 @@ dmaap:
enabled: false
dmaap-dr-node:
enabled: false
-log:
- enabled: true
-sniro-emulator:
- enabled: false
oof:
enabled: true
mariadb-galera:
@@ -120,10 +108,6 @@ nbi:
openStackVNFTenantId: "1234"
policy:
enabled: true
-pomba:
- enabled: false
-portal:
- enabled: true
robot:
enabled: true
config:
diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml
index 46971469a1..c04d397a9a 100644
--- a/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml
@@ -39,8 +39,6 @@ global:
# secret: 'my-ingress-cert'
# optional: Namespace of the Istio IngressGateway
namespace: istio-ingress
- # don't need ejbca server
- addTestingComponents: &testing false
centralizedLoggingEnabled: &centralizedLogging false
# Disabling CMPv2
cmpv2Enabled: false
@@ -51,25 +49,12 @@ mariadb-galera:
enabled: true
postgres:
enabled: true
-aaf:
- enabled: false
- aaf-sms:
- cps:
- # you must always set the same values as value set in cps.enabled
- enabled: true
aai:
enabled: true
cds:
enabled: true
cli:
enabled: true
-# Today, "contrib" chart that hosting these components must also be enabled
-# in order to make it work. So `contrib.enabled` must have the same value than
-# addTestingComponents
-contrib:
- enabled: *testing
-consul:
- enabled: true
cps:
enabled: true
dcaegen2:
@@ -146,8 +131,6 @@ platform:
enabled: true
policy:
enabled: true
-portal:
- enabled: false
robot:
enabled: true
sdc:
diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
index fd6259e4dc..ac3979ea9d 100644
--- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
@@ -20,8 +20,6 @@ global:
ingress:
enabled: true
enable_all: true
- addTestingComponents: &testing true
- centralizedLoggingEnabled: &centralizedLogging false
cassandra:
enabled: true
mariadb-galera:
@@ -29,27 +27,12 @@ mariadb-galera:
postgres:
enabled: true
-aaf:
- enabled: true
- aaf-sms:
- cps:
- # you must always set the same values as value set in cps.enabled
- enabled: true
aai:
enabled: true
cds:
enabled: true
-clamp:
- enabled: true
cli:
enabled: true
-# Today, "contrib" chart that hosting these components must also be enabled
-# in order to make it work. So `contrib.enabled` must have the same value than
-# addTestingComponents
-contrib:
- enabled: *testing
-consul:
- enabled: true
cps:
enabled: true
dcaegen2-services:
@@ -76,8 +59,6 @@ nbi:
enabled: true
policy:
enabled: true
-portal:
- enabled: false
robot:
enabled: true
sdc:
diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml
index 76fadf9b1f..4efe514513 100644
--- a/kubernetes/onap/resources/overrides/onap-all.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all.yaml
@@ -19,36 +19,18 @@
###################################################################
# This override file enables helm charts for all ONAP applications.
###################################################################
-global:
- addTestingComponents: &testing true
- centralizedLoggingEnabled: &centralizedLogging false
cassandra:
enabled: true
mariadb-galera:
enabled: true
postgres:
enabled: true
-aaf:
- enabled: false
- aaf-sms:
- cps:
- # you must always set the same values as value set in cps.enabled
- enabled: true
aai:
enabled: true
cds:
enabled: true
-clamp:
- enabled: true
cli:
enabled: true
-# Today, "contrib" chart that hosting these components must also be enabled
-# in order to make it work. So `contrib.enabled` must have the same value than
-# addTestingComponents
-contrib:
- enabled: *testing
-consul:
- enabled: true
cps:
enabled: true
dcaegen2-services:
@@ -113,8 +95,6 @@ nbi:
enabled: true
policy:
enabled: true
-portal:
- enabled: false
robot:
enabled: true
sdc:
diff --git a/kubernetes/onap/resources/overrides/onap-vfw.yaml b/kubernetes/onap/resources/overrides/onap-vfw.yaml
index 3980bd5112..c7eb6f2a99 100644
--- a/kubernetes/onap/resources/overrides/onap-vfw.yaml
+++ b/kubernetes/onap/resources/overrides/onap-vfw.yaml
@@ -21,14 +21,8 @@ cassandra:
mariadb-galera:
enabled: true
-aaf:
- enabled: true
aai:
enabled: true
-clamp:
- enabled: true
-consul:
- enabled: true
dcaegen2-services:
enabled: true
holmes:
@@ -43,16 +37,12 @@ dmaap:
enabled: false
dmaap-dr-node:
enabled: false
-log:
- enabled: true
oof:
enabled: true
msb:
enabled: true
policy:
enabled: true
-portal:
- enabled: true
robot:
enabled: true
sdc:
diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml
index e7a4b2a233..47f141a51b 100644
--- a/kubernetes/onap/resources/overrides/sm-onap.yaml
+++ b/kubernetes/onap/resources/overrides/sm-onap.yaml
@@ -60,23 +60,11 @@ aai:
replicas: 1
aai-cassandra:
replicaCount: 1
-aaf:
- enabled: false
- aaf-sms:
- cps:
- # you must always set the same values as value set in cps.enabled
- enabled: false
cassandra:
enabled: true
replicaCount: 3
-clamp:
- enabled: false
cli:
enabled: false
-consul:
- enabled: false
-contrib:
- enabled: false
cps:
enabled: false
dcaegen2-services:
@@ -93,8 +81,6 @@ dmaap:
enabled: true
holmes:
enabled: false
-log:
- enabled: false
mariadb-galera:
enabled: true
msb:
@@ -107,10 +93,6 @@ oof:
enabled: false
policy:
enabled: false
-pomba:
- enabled: false
-portal:
- enabled: false
robot:
enabled: false
sdc:
@@ -133,8 +115,6 @@ sdc:
heapNewSize: "256M"
sdnc:
enabled: true
-sniro-emulator:
- enabled: false
so:
enabled: true
config:
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index a8b44e3773..c8459918af 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -27,19 +27,6 @@ global:
nodePortPrefix: 302
nodePortPrefixExt: 304
-
- # Install test components
- # test components are out of the scope of ONAP but allow to have a entire
- # environment to test the different features of ONAP
- # Current tests environments provided:
- # - netbox (needed for CDS IPAM)
- # - AWX (needed for XXX)
- # - EJBCA Server (needed for CMPv2 tests)
- # Today, "contrib" chart that hosting these components must also be enabled
- # in order to make it work. So `contrib.enabled` must have the same value than
- # addTestingComponents
- addTestingComponents: &testing false
-
# ONAP Repository
# Four different repositories are used
# You can change individually these repositories to ones that will serve the
@@ -51,12 +38,6 @@ global:
googleK8sRepository: k8s.gcr.io
githubContainerRegistry: ghcr.io
- #/!\ DEPRECATED /!\
- # Legacy repositories which will be removed at the end of migration.
- # Please don't use
- loggingRepository: *elasticRepository
- busyboxRepository: *dockerHubRepository
-
# Default credentials
# they're optional. If the target repository doesn't need them, comment them
repositoryCred:
@@ -207,7 +188,6 @@ global:
# POC Mode, only for use in development environment
# Keep it enabled in production
aafEnabled: false
- aafAgentImage: onap/aaf/aaf_agent:2.1.20
# Disabling MSB
# POC Mode, only for use in development environment
@@ -273,14 +253,6 @@ global:
# storageClass: "-"
# Example of specific for the components which requires RWX:
-# aaf:
-# persistence:
-# storageClassOverride: "My_RWX_Storage_Class"
-# contrib:
-# netbox:
-# netbox-app:
-# persistence:
-# storageClassOverride: "My_RWX_Storage_Class"
# cds:
# cds-blueprints-processor:
# persistence:
@@ -295,29 +267,14 @@ global:
# to customize the ONAP deployment.
#################################################################
-aaf:
- enabled: false
- aaf-sms:
- cps:
- # you must always set the same values as value set in cps.enabled
- enabled: false
aai:
enabled: false
cassandra:
enabled: false
cds:
enabled: false
-clamp:
- enabled: false
cli:
enabled: false
-consul:
- enabled: false
-# Today, "contrib" chart that hosting these components must also be enabled
-# in order to make it work. So `contrib.enabled` must have the same value than
-# addTestingComponents
-contrib:
- enabled: *testing
cps:
enabled: false
dcaegen2-services:
@@ -334,13 +291,6 @@ dmaap:
enabled: false
dmaap-dr-node:
enabled: false
-# Today, "logging" chart that perform the central part of logging must also be
-# enabled in order to make it work. So `logging.enabled` must have the same
-# value as centralizedLoggingEnabled
-log:
- enabled: *centralizedLogging
-sniro-emulator:
- enabled: false
oof:
enabled: false
mariadb-galera:
@@ -357,10 +307,6 @@ nbi:
openStackVNFTenantId: "1234"
policy:
enabled: false
-pomba:
- enabled: false
-portal:
- enabled: false
robot:
enabled: false
config:
diff --git a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml
index 0c9fe5201a..3e1fdf4dff 100755
--- a/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-a1pms-ppnt/values.yaml
@@ -42,7 +42,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-a1pms-ppnt:6.4.2
+image: onap/policy-clamp-ac-a1pms-ppnt:6.4.3
pullPolicy: Always
componentName: &componentName policy-clamp-ac-a1pms-ppnt
diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml
index 9f043ba930..aeaf458daa 100644
--- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml
@@ -42,7 +42,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-http-ppnt:6.4.2
+image: onap/policy-clamp-ac-http-ppnt:6.4.3
pullPolicy: Always
componentName: &componentName policy-clamp-ac-http-ppnt
diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
index 3d0754c656..0bbdf1307f 100644
--- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
@@ -43,7 +43,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-k8s-ppnt:6.4.2
+image: onap/policy-clamp-ac-k8s-ppnt:6.4.3
pullPolicy: Always
componentName: &componentName policy-clamp-ac-k8s-ppnt
diff --git a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/values.yaml
index 13e9472238..a793d615c2 100755
--- a/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-kserve-ppnt/values.yaml
@@ -42,7 +42,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-kserve-ppnt:6.4.2
+image: onap/policy-clamp-ac-kserve-ppnt:6.4.3
pullPolicy: Always
componentName: &componentName policy-clamp-ac-kserve-ppnt
diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
index 708bd7dad4..a93fd866f9 100644
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
@@ -54,7 +54,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-pf-ppnt:6.4.2
+image: onap/policy-clamp-ac-pf-ppnt:6.4.3
pullPolicy: Always
componentName: &componentName policy-clamp-ac-pf-ppnt
diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml
index 4ec221369b..73a759eae5 100644
--- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml
@@ -49,7 +49,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-runtime-acm:6.4.2
+image: onap/policy-clamp-runtime-acm:6.4.3
pullPolicy: Always
componentName: &componentName policy-clamp-runtime-acm
diff --git a/kubernetes/portal/.helmignore b/kubernetes/portal/.helmignore
deleted file mode 100644
index 7ddbad7ef4..0000000000
--- a/kubernetes/portal/.helmignore
+++ /dev/null
@@ -1,22 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-components/
diff --git a/kubernetes/portal/Chart.yaml b/kubernetes/portal/Chart.yaml
deleted file mode 100644
index 5b0816eba5..0000000000
--- a/kubernetes/portal/Chart.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Web Portal
-name: portal
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: portal-app
- version: ~12.x-0
- repository: 'file://components/portal-app'
- - name: portal-cassandra
- version: ~12.x-0
- repository: 'file://components/portal-cassandra'
- - name: portal-mariadb
- version: ~12.x-0
- repository: 'file://components/portal-mariadb'
- - name: portal-sdk
- version: ~12.x-0
- repository: 'file://components/portal-sdk'
- - name: portal-widget
- version: ~12.x-0
- repository: 'file://components/portal-widget'
diff --git a/kubernetes/portal/Makefile b/kubernetes/portal/Makefile
deleted file mode 100644
index eea1b7aefb..0000000000
--- a/kubernetes/portal/Makefile
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts docker
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/portal/components/Makefile b/kubernetes/portal/components/Makefile
deleted file mode 100644
index f09e21e75c..0000000000
--- a/kubernetes/portal/components/Makefile
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-ifneq ($(SKIP_LINT),TRUE)
- HELM_LINT_CMD := $(HELM_BIN) lint
-else
- HELM_LINT_CMD := echo "Skipping linting of"
-endif
-
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_LINT_CMD) $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) cm-push -f $$PACKAGE_NAME local; fi
- @sleep 3
- #@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */Chart.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
diff --git a/kubernetes/portal/components/portal-app/.helmignore b/kubernetes/portal/components/portal-app/.helmignore
deleted file mode 100644
index daebc7da77..0000000000
--- a/kubernetes/portal/components/portal-app/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/portal/components/portal-app/Chart.yaml b/kubernetes/portal/components/portal-app/Chart.yaml
deleted file mode 100644
index 276f44f8fa..0000000000
--- a/kubernetes/portal/components/portal-app/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Portal application
-name: portal-app
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/fusion.properties b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/fusion.properties
deleted file mode 100755
index 7020a40bb4..0000000000
--- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/fusion.properties
+++ /dev/null
@@ -1,63 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-# domain settings
-#domain_class_location =
-
-# validator settings
-#default_error_message = Default error message
-
-login_url_no_ret_val = https://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/login.htm
-
-user_attribute_name = user
-
-# User Session settings
-roles_attribute_name = roles
-role_functions_attribute_name = role_functions
-
-# menu settings
-menu_query_name = menuData
-application_menu_set_name = APP
-application_menu_attribute_name = applicationMenuData
-business_direct_menu_set_name = BD
-business_direct_menu_attribute_name = businessDirectMenuData
-
-# ECOMP settings
-ecomp_app_id = 1
-# Role settings
-sys_admin_role_id = 1
-account_admin_role_id = 999
-restricted_app_role_id = 900
-
-# Home Page index html
-home_page = /index.html
-
-authentication_mechanism =DBAUTH
-
-login.error.hrid.empty = Login failed, please contact system administrator.
-login.error.hrid.not-found = User not found, please contact system administrator.
-login.error.user.inactive = Account is disabled, please contact system administrator.
-
-#
-# Number of seconds to poll health (database operational, etc.)
-#
-health_poll_interval_seconds = 5
-#
-# If a component is down a log entry will be written that triggers an alert. This parameter specifies how often this alert should be triggered
-# if the component remains down. For example a value of 30, would translate to 30 * 60 seconds = 1800 seconds, or every 30 minutes
-#
-health_fail_alert_every_x_intervals = 30
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/key.properties b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/key.properties
deleted file mode 100644
index 791853db8f..0000000000
--- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/key.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-{{/*
-# Encrypted Properties
-*/}}
-cipher.enc.key = ${CIPHER_ENC_KEY}
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml
deleted file mode 100644
index 325da8e9e3..0000000000
--- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml
+++ /dev/null
@@ -1,300 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ============LICENSE_START==========================================
- ONAP Portal
- ===================================================================
- Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- Modifications Copyright © 2018 Amdocs, Bell Canada
- ====================================================================
- Unless otherwise specified, all software contained herein is licensed
- under the Apache License, Version 2.0 (the “License”);
- you may not use this software except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
- Unless otherwise specified, all documentation contained herein is licensed
- under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
- you may not use this documentation except in compliance with the License.
- You may obtain a copy of the License at
-
- https://creativecommons.org/licenses/by/4.0/
-
- Unless required by applicable law or agreed to in writing, documentation
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
- ============LICENSE_END============================================
--->
-<!DOCTYPE xml>
-<configuration scan="true" scanPeriod="3 seconds" debug="true">
-
- <!-- specify the component name -->
- <property name="componentName" value="onapportal"></property>
-
- <!-- specify the application name -->
- <property name="application_name" value="Portal"></property>
- <!-- specify the base path of the log directory -->
- <property name="logDirPrefix" value="/var/log/onap"></property>
-
- <!-- The directories where logs are written -->
- <property name="logDirectory" value="${logDirPrefix}/${componentName}" />
- <!-- Can easily relocate debug logs by modifying this path. -->
- <property name="debugLogDirectory" value="${logDirPrefix}/${componentName}" />
-
- <!-- log file names -->
- <property name="generalLogName" value="application" />
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <!-- These loggers are not used in code (yet). <property name="securityLogName"
- value="security" /> <property name="policyLogName" value="policy" /> <property
- name="performanceLogName" value="performance" /> <property name="serverLogName"
- value="server" /> -->
-
- <!-- ServerFQDN=Server, -->
- <property name="auditLoggerPattern"
- value="%X{AuditLogBeginTimestamp}|%X{AuditLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
-
- <property name="metricsLoggerPattern"
- value="%X{MetricsLogBeginTimestamp}|%X{MetricsLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVisualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
-
- <property name="errorLoggerPattern"
- value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{ErrorCategory}|%X{ErrorCode}|%X{ErrorDescription}| %msg%n" />
-
- <property name="defaultLoggerPattern"
- value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ClassName}| %msg%n" />
-
- <!-- use %class so library logging calls yield their class name -->
- <property name="applicationLoggerPattern"
- value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%class{36}| %msg%n" />
-
- <!--
- <property name="defaultPattern"
- value="%date{ISO8601}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" />
- <property name="debugLoggerPattern"
- value="%date{ISO8601}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" />
- -->
- <!-- <property name="debugLoggerPattern" value="%date{ISO8601}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n"
- /> -->
- <!-- Example evaluator filter applied against console appender -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>${applicationLoggerPattern}</pattern>
- </encoder>
- </appender>
-
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
-
- <!-- The EELFAppender is used to record events to the general application
- log -->
-
-
- <appender name="EELF"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${generalLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${generalLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${applicationLoggerPattern}</pattern>
- </encoder>
- <filter class="org.openecomp.portalapp.portal.utils.CustomLoggingFilter" />
- </appender>
-
- <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <!-- Class name is part of caller data -->
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="EELF" />
- </appender>
-
- <!-- EELF Security Appender. This appender is used to record security events
- to the security log file. Security events are separate from other loggers
- in EELF so that security log records can be captured and managed in a secure
- way separate from the other logs. This appender is set to never discard any
- events. -->
- <!-- <appender name="EELFSecurity" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${securityLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip </fileNamePattern>
- <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder>
- </appender> <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize> <discardingThreshold>0</discardingThreshold> <appender-ref
- ref="EELFSecurity" /> </appender> -->
-
- <!-- EELF Performance Appender. This appender is used to record performance
- records. -->
- <!-- <appender name="EELFPerformance" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${performanceLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip </fileNamePattern>
- <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy> <encoder> <outputPatternAsHeader>true</outputPatternAsHeader>
- <pattern>${defaultPattern}</pattern> </encoder> </appender> <appender name="asyncEELFPerformance"
- class="ch.qos.logback.classic.AsyncAppender"> <queueSize>256</queueSize>
- <appender-ref ref="EELFPerformance" /> </appender> -->
-
- <!-- EELF Server Appender. This appender is used to record Server related
- logging events. The Server logger and appender are specializations of the
- EELF application root logger and appender. This can be used to segregate
- Server events from other components, or it can be eliminated to record these
- events as part of the application root log. -->
- <!-- <appender name="EELFServer" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${serverLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip </fileNamePattern>
- <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder>
- </appender> <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize> <appender-ref ref="EELFServer" /> </appender> -->
-
- <!-- EELF Policy Appender. This appender is used to record Policy engine
- related logging events. The Policy logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <!-- <appender name="EELFPolicy" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${policyLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip </fileNamePattern>
- <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder>
- </appender> <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize> <appender-ref ref="EELFPolicy" /> </appender> -->
-
- <!-- EELF Audit Appender. This appender is used to record audit engine related
- logging events. The audit logger and appender are specializations of the
- EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
-
- <appender name="EELFAudit"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${auditLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily roll over -->
- <fileNamePattern>${logDirectory}/${auditLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${auditLoggerPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFAudit" />
- </appender>
-
- <appender name="EELFMetrics"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${metricsLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily roll over -->
- <fileNamePattern>${logDirectory}/${metricsLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${metricsLoggerPattern}</pattern>
- </encoder>
- </appender>
-
-
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFMetrics" />
- </appender>
-
- <appender name="EELFError"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${errorLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily roll over -->
- <fileNamePattern>${logDirectory}/${errorLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${errorLoggerPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFError" />
- </appender>
-
- <appender name="EELFDebug"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${debugLogDirectory}/${debugLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily roll over -->
- <fileNamePattern>${logDirectory}/${debugLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${defaultLoggerPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFDebug" />
- <includeCallerData>true</includeCallerData>
- </appender>
-
-
- <!-- ============================================================================ -->
- <!-- EELF loggers -->
- <!-- ============================================================================ -->
- <logger name="com.att.eelf" level="info" additivity="false">
- <appender-ref ref="asyncEELF" />
- </logger>
-
- <!-- <logger name="com.att.eelf.security" level="info" additivity="false">
- <appender-ref ref="asyncEELFSecurity" /> </logger> <logger name="com.att.eelf.perf"
- level="info" additivity="false"> <appender-ref ref="asyncEELFPerformance"
- /> </logger> <logger name="com.att.eelf.server" level="info" additivity="false">
- <appender-ref ref="asyncEELFServer" /> </logger> <logger name="com.att.eelf.policy"
- level="info" additivity="false"> <appender-ref ref="asyncEELFPolicy" /> </logger> -->
-
- <logger name="EELFAudit" level="info" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
-
- <logger name="EELFMetrics" level="info" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
-
- <logger name="EELFError" level="info" additivity="false">
- <appender-ref ref="asyncEELFError" />
- </logger>
-
- <logger name="com.att.eelf.debug" level="debug" additivity="false">
- <appender-ref ref="asyncEELFDebug" />
- </logger>
-
- <root level="INFO">
- <appender-ref ref="asyncEELF" />
- <appender-ref ref="STDOUT" />
- </root>
-
-</configuration>
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/music.properties b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/music.properties
deleted file mode 100644
index 1fc99383cd..0000000000
--- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/music.properties
+++ /dev/null
@@ -1,35 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-
-music.version = v2
-music.keyspace = keyspaces
-music.session.keyspace = portal
-music.tables = tables
-music.session.attr.tables = spring_session_attributes
-music.session.meta.tables = spring_session
-music.consistency.info = type
-music.consistency.info.value = eventual
-music.cache = false
-music.session.max.inactive.interval.seconds = 1800
-music.serialize.compress = true
-
-#By default it's eventual
-music.atomic.get = false
-music.atomic.put = false
-cassandra.host={{.Values.cassandra.service.name}}
-cassandra.user=${CASSA_USER}
-cassandra.password=${CASSA_PASSWORD}
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/openid-connect.properties b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/openid-connect.properties
deleted file mode 100755
index 63533621f7..0000000000
--- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/openid-connect.properties
+++ /dev/null
@@ -1,19 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-authentication_server_url = http://{{.Values.global.portalHostName}}:8383/openid-connect-server-webapp/
-ecomp_openid_connect_client = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/openid_connect_login
-ecomp_redirect_uri = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/welcome.htm
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/portal.properties b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/portal.properties
deleted file mode 100755
index 4da4854188..0000000000
--- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/portal.properties
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-# Not used by portal
-portal.api.impl.class = org.onap.portalsdk.core.onboarding.client.OnBoardingApiServiceImpl.not.used.by.portal
-portal.api.prefix = /api
-max.idle.time = 5
-user.attribute.name = user_attribute
-
-# for single sign on
-ecomp_redirect_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/login.htm
-
-# URL of the ECOMP Portal REST API
-ecomp_rest_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/auxapi
-
-ueb_listeners_enable = true
-
-ueb_app_key = 7GkVcrO6sIDb3ngW
-ueb_app_secret = uCYgKjWKK5IxPGNNZzYSSWo9
-ueb_app_mailbox_name = ECOMP-PORTAL-INBOX
-
-ueb_url_list = message-router
-ecomp_portal_inbox_name = ECOMP-PORTAL-INBOX
-
-# Consumer group name for UEB topic.
-# Use the special tag to generate a unique one for each sdk-app server.
-ueb_app_consumer_group_name = {UUID}
-
-role_access_centralized = remote
-
-ext_req_connection_timeout = 15000
-ext_req_read_timeout = 20000
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
deleted file mode 100755
index 34c7f1dee0..0000000000
--- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
+++ /dev/null
@@ -1,127 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-# Modifications Copyright © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-#mysql
-db.driver = org.mariadb.jdbc.Driver
-db.connectionURL = jdbc:mariadb:failover://portal-db:3306/portal
-db.userName =${PORTAL_DB_USER}
-db.password =${PORTAL_DB_PASSWORD}
-db.hib.dialect = org.hibernate.dialect.MySQLDialect
-db.min_pool_size = 5
-db.max_pool_size = 10
-hb.dialect = org.hibernate.dialect.MySQLDialect
-hb.show_sql = false
-hb.db_reconnect = true
-hb.idle_connection_test_period = 3600
-
-app_display_name = Portal
-files_path = /tmp
-context_root = ONAPPORTAL
-# menu settings
-menu_query_name = menuData
-menu_properties_file_location = /WEB-INF/fusion/menu/
-application_menu_set_name = APP
-application_menu_attribute_name = applicationMenuData
-application_menu_properties_name = menu.properties
-business_direct_menu_set_name = BD
-business_direct_menu_properties_name = bd.menu.properties
-business_direct_menu_attribute_name = businessDirectMenuData
-
-application_user_id = 30000
-post_default_role_id = 1
-
-#Enable Fusion Mobile capabilities for the application
-mobile_enable = false
-
-cache_config_file_path = /WEB-INF/conf/cache.ccf
-cache_switch = 1
-cache_load_on_startup = false
-
-user_name = fullName
-decryption_key = AGLDdG4D04BKm2IxIWEr8o==
-
-
-#Cron Schedules
-cron_site_name = one
-log_cron = 0 * * * * ? *
-sessiontimeout_feed_cron = 0 0/5 * * * ? *
-
-#Front end URL
-frontend_url = https://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/applicationsHome
-
-
-# An Unqiue 128-bit value defined to indentify a specific version of
-# ECOMP Portal deployed on a specific virtual machine.
-# This value must be generated and updated at the time of
-# the deployment.
-# Online Unique UUID generator - https://www.uuidgenerator.net/
-instance_uuid = 90bc9497-10e6-49fe-916b-dcdfaa972383
-
-elastic_search_url = http://
-contact_us_link = http://
-user_guide_link = http://
-
-# Contact Us page properties
-ush_ticket_url = http://
-feedback_email_address = portal@lists.onap.org
-portal_info_url = https://
-
-#Online user bar refresh interval, in seconds
-online_user_update_rate = 30
-
-#Online user bar refresh total duration, in seconds
-online_user_update_duration = 300
-
-#authenticate user server
-authenticate_user_server=http://{{.Values.global.portalHostName}}:8383/openid-connect-server-webapp/allUsers
-
-#window width threshold to collapse left/right menu when page onload
-window_width_threshold_left_menu = 1400
-window_width_threshold_right_menu = 1350
-
-# User notification refresh interval and duration, in seconds
-notification_update_rate = 90
-notification_update_duration = 900
-
-#Microservices Related Properties for Portal
-microservices.widget.protocol = http
-microservices.widget.hostname = portal-widget
-microservices.widget.username = widget_user
-microservices.widget.password = M+KcrCMVrR1rAxtiFE49n1uXC3FCkNBqFgeYsubEC/U=
-#This property won't be needed after consul is functional on VMs -
-microservices.widget.local.port = 8082
-microservices.m-learn.local.port = 8083
-#HALO API enable flag
-external_access_enable = false
-
-#delete auditlog from number of days ago
-auditlog_del_day_from = 365
-
-#External system notification URL
-external_system_notification_url= https://jira.onap.org/browse/
-
-#cookie domain
-cookie_domain = onap.org
-
-# External Central Auth system access
-remote_centralized_system_access = {{.Values.global.aafEnabled}}
-
-# External Access System Basic Auth Credentials & Rest endpoint
-ext_central_access_user_name = aaf_admin@people.osaaf.org
-ext_central_access_password = demo123456!
-ext_central_access_url = {{.Values.aafURL}}
-ext_central_access_user_domain = @people.osaaf.org
diff --git a/kubernetes/portal/components/portal-app/resources/server/server.xml b/kubernetes/portal/components/portal-app/resources/server/server.xml
deleted file mode 100644
index 38391ae774..0000000000
--- a/kubernetes/portal/components/portal-app/resources/server/server.xml
+++ /dev/null
@@ -1,157 +0,0 @@
-<?xml version='1.0' encoding='utf-8'?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
- Modifications to this file for use in ONAP are also subject to the Apache-2.0 license.
--->
-<!-- Note: A "Server" is not itself a "Container", so you may not
- define subcomponents such as "Valves" at this level.
- Documentation at /docs/config/server.html
- -->
-<Server port="8005" shutdown="SHUTDOWN">
- <Listener className="org.apache.catalina.startup.VersionLoggerListener" logArgs="false"/>
- <!-- Security listener. Documentation at /docs/config/listeners.html
- <Listener className="org.apache.catalina.security.SecurityListener" />
- -->
- <!--APR library loader. Documentation at /docs/apr.html -->
- <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
- <!-- Prevent memory leaks due to use of particular java/javax APIs-->
- <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
- <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
- <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
-
- <!-- Global JNDI resources
- Documentation at /docs/jndi-resources-howto.html
- -->
- <GlobalNamingResources>
- <!-- Editable user database that can also be used by
- UserDatabaseRealm to authenticate users
- -->
- <Resource name="UserDatabase" auth="Container"
- type="org.apache.catalina.UserDatabase"
- description="User database that can be updated and saved"
- factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
- pathname="conf/tomcat-users.xml" />
- </GlobalNamingResources>
-
- <!-- A "Service" is a collection of one or more "Connectors" that share
- a single "Container" Note: A "Service" is not itself a "Container",
- so you may not define subcomponents such as "Valves" at this level.
- Documentation at /docs/config/service.html
- -->
- <Service name="Catalina">
-
- <!--The connectors can use a shared executor, you can define one or more named thread pools-->
- <!--
- <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
- maxThreads="150" minSpareThreads="4"/>
- -->
-
-
- <!-- A "Connector" represents an endpoint by which requests are received
- and responses are returned. Documentation at :
- Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
- Java AJP Connector: /docs/config/ajp.html
- APR (HTTP/AJP) Connector: /docs/apr.html
- Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
- -->
- <Connector port="8080" protocol="HTTP/1.1"
- connectionTimeout="20000"
- {{ if .Values.global.aafEnabled }}
- redirectPort="8443"
- {{ end }}
- />
- <!-- A "Connector" using the shared thread pool-->
- <!--
- <Connector executor="tomcatThreadPool"
- port="8080" protocol="HTTP/1.1"
- connectionTimeout="20000"
- redirectPort="8443" />
- -->
- <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
- This connector uses the NIO implementation that requires the JSSE
- style configuration. When using the APR/native implementation, the
- OpenSSL style configuration is required as described in the APR/native
- documentation -->
- <!--
- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
- maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- clientAuth="false" sslProtocol="TLS" />
- -->
- {{ if .Values.global.aafEnabled }}
- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
- maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- keystoreFile="{{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.keystoreFile}}"
- keystorePass="${javax.net.ssl.keyStorePassword}"
- clientAuth="false" sslProtocol="TLS" />
- {{ end }}
- <!-- Define an AJP 1.3 Connector on port 8009 -->
- <Connector port="8009" protocol="AJP/1.3"
- {{ if .Values.global.aafEnabled }}
- redirectPort="8443"
- {{ end }}
- />
-
-
- <!-- An Engine represents the entry point (within Catalina) that processes
- every request. The Engine implementation for Tomcat stand alone
- analyzes the HTTP headers included with the request, and passes them
- on to the appropriate Host (virtual host).
- Documentation at /docs/config/engine.html -->
-
- <!-- You should set jvmRoute to support load-balancing via AJP ie :
- <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
- -->
- <Engine name="Catalina" defaultHost="localhost">
-
- <!--For clustering, please take a look at documentation at:
- /docs/cluster-howto.html (simple how to)
- /docs/config/cluster.html (reference documentation) -->
- <!--
- <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
- -->
-
- <!-- Use the LockOutRealm to prevent attempts to guess user passwords
- via a brute-force attack -->
- <Realm className="org.apache.catalina.realm.LockOutRealm">
- <!-- This Realm uses the UserDatabase configured in the global JNDI
- resources under the key "UserDatabase". Any edits
- that are performed against this UserDatabase are immediately
- available for use by the Realm. -->
- <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
- resourceName="UserDatabase"/>
- </Realm>
-
- <Host name="localhost" appBase="webapps"
- unpackWARs="true" autoDeploy="true">
-
- <!-- SingleSignOn valve, share authentication between web applications
- Documentation at: /docs/config/valve.html -->
- <!--
- <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
- -->
-
- <!-- Access log processes all example.
- Documentation at: /docs/config/valve.html
- Note: The pattern used is equivalent to using pattern="common" -->
- <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
- prefix="localhost_access_log" suffix=".txt"
- pattern="%h %l %u %t &quot;%r&quot; %s %b" />
-
- </Host>
- </Engine>
- </Service>
-</Server>
diff --git a/kubernetes/portal/components/portal-app/resources/server/web.xml b/kubernetes/portal/components/portal-app/resources/server/web.xml
deleted file mode 100644
index 7c4f2a7275..0000000000
--- a/kubernetes/portal/components/portal-app/resources/server/web.xml
+++ /dev/null
@@ -1,155 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ============LICENSE_START==========================================
- ONAP Portal
- ===================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- ===================================================================
-
- Unless otherwise specified, all software contained herein is licensed
- under the Apache License, Version 2.0 (the "License");
- you may not use this software except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
- Unless otherwise specified, all documentation contained herein is licensed
- under the Creative Commons License, Attribution 4.0 Intl. (the "License");
- you may not use this documentation except in compliance with the License.
- You may obtain a copy of the License at
-
- https://creativecommons.org/licenses/by/4.0/
-
- Unless required by applicable law or agreed to in writing, documentation
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
- ============LICENSE_END============================================
-
-
- -->
-
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
- <display-name>fusion</display-name>
-
- <!--
- <context-param>
- <param-name>log4jConfigLocation</param-name>
- <param-value>/WEB-INF/conf/log4j.properties</param-value>
- </context-param>
-
- <listener>
- <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
- </listener>
- -->
-
- <!-- The Portal app can function on a HA cluster -->
- <distributable/>
-
- <!-- <context-param>
- <param-name>contextConfigLocation</param-name>
- <param-value>/WEB-INF/oid-context.xml</param-value>
- </context-param>
-
- <listener>
- <listener-class>
- org.springframework.web.context.ContextLoaderListener
- </listener-class>
- </listener> -->
-
-
- <listener>
- <listener-class>org.onap.portalapp.portal.listener.UserSessionListener</listener-class>
- </listener>
- <!--
- <filter>
- <filter-name>springSessionRepositoryFilter</filter-name>
- <filter-class>org.onap.portalapp.music.filter.MusicSessionRepositoryFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>springSessionRepositoryFilter</filter-name>
- <url-pattern>/*</url-pattern>
- <dispatcher>REQUEST</dispatcher>
- <dispatcher>ERROR</dispatcher>
- </filter-mapping>
- -->
- <filter>
- <filter-name>CorsFilter</filter-name>
- <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
- <init-param>
- <param-name>cors.allowed.origins</param-name>
- <param-value>http://www.portal.onap.org:9200,http://www.portal.onap.org:9000</param-value>
- </init-param>
- <init-param>
- <param-name>cors.allowed.methods</param-name>
- <param-value>GET,POST,HEAD,OPTIONS,PUT,DELETE</param-value>
- </init-param>
- <init-param>
- <param-name>cors.allowed.headers</param-name>
- <param-value>EPService,JSESSIONID,X-ECOMP-RequestID,X-Widgets-Type,Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
- </init-param>
- <init-param>
- <param-name>cors.exposed.headers</param-name>
- <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
- </init-param>
- <init-param>
- <param-name>cors.support.credentials</param-name>
- <param-value>true</param-value>
- </init-param>
- <init-param>
- <param-name>cors.preflight.maxage</param-name>
- <param-value>10</param-value>
- </init-param>
- </filter>
-
- <filter-mapping>
- <filter-name>CorsFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
-
- <filter>
- <filter-name>SecurityXssFilter</filter-name>
- <filter-class>org.onap.portalapp.filter.SecurityXssFilter</filter-class>
- </filter>
-
- <filter-mapping>
- <filter-name>SecurityXssFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
-<!-- <filter> -->
-<!-- <filter-name>CadiAuthFilter</filter-name> -->
-<!-- <filter-class>org.onap.portalsdk.core.onboarding.crossapi.CadiAuthFilter</filter-class> -->
-<!-- <init-param> -->
-<!-- <param-name>cadi_prop_files</param-name> -->
-<!-- Add Absolute path of cadi.properties -->
-<!-- <param-value>{Path}/cadi.properties -->
-<!-- </param-value> -->
-<!-- </init-param> -->
-<!-- Add param values with comma delimited values -->
-<!-- <init-param> -->
-<!-- <param-name>include_url_endpoints</param-name> -->
-<!-- <param-value>/auxapi/*</param-value> -->
-<!-- </init-param> -->
-<!-- <init-param> -->
-<!-- <param-name>exclude_url_endpoints</param-name> -->
-<!-- <param-value>/api/v3/analytics,/api/v3/storeAnalytics</param-value> -->
-<!-- </init-param> -->
-<!-- </filter> -->
-<!-- <filter-mapping> -->
-<!-- <filter-name>CadiAuthFilter</filter-name> -->
-<!-- <url-pattern>/auxapi/v3/*</url-pattern> -->
-<!-- </filter-mapping> -->
-<!-- <filter-mapping> -->
-<!-- <filter-name>CadiAuthFilter</filter-name> -->
-<!-- <url-pattern>/auxapi/v4/*</url-pattern> -->
-
-<!-- </filter-mapping> -->
-</web-app>
diff --git a/kubernetes/portal/components/portal-app/templates/NOTES.txt b/kubernetes/portal/components/portal-app/templates/NOTES.txt
deleted file mode 100644
index 9a67a4c9bb..0000000000
--- a/kubernetes/portal/components/portal-app/templates/NOTES.txt
+++ /dev/null
@@ -1,19 +0,0 @@
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/portal/components/portal-app/templates/configmap.yaml b/kubernetes/portal/components/portal-app/templates/configmap.yaml
deleted file mode 100644
index a6d8234ee6..0000000000
--- a/kubernetes/portal/components/portal-app/templates/configmap.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-onapportal
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/portal/components/portal-app/templates/deployment.yaml b/kubernetes/portal/components/portal-app/templates/deployment.yaml
deleted file mode 100644
index 243d5ef5d0..0000000000
--- a/kubernetes/portal/components/portal-app/templates/deployment.yaml
+++ /dev/null
@@ -1,191 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - name: {{ include "common.name" . }}-job-completion
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
- command:
- - /app/ready.py
- args:
- - --job-name
- - {{ include "common.release" . }}-portal-db-config
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: {{ include "common.name" . }}-portal-config
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - sh
- args:
- - "-c"
- - |
- cd /config-input && \
- for PFILE in `ls -1 *.xml`
- do
- cp ${PFILE} /config
- chmod 0755 /config/${PFILE}
- done
- cd /config-input && \
- for PFILE in `ls -1 *.properties`
- do
- envsubst <${PFILE} >/config/${PFILE}
- chmod 0755 /config/${PFILE}
- done
- env:
- - name: CASSA_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-cass" "key" "login") | indent 12 }}
- - name: CASSA_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-cass" "key" "password") | indent 12 }}
- - name: CIPHER_ENC_KEY
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cipher-enc-key" "key" "password") | indent 12 }}
- - name: PORTAL_DB_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "login") | indent 12 }}
- - name: PORTAL_DB_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "password") | indent 12 }}
- volumeMounts:
- - mountPath: /config-input
- name: properties-onapportal-scrubbed
- - mountPath: /config
- name: properties-onapportal
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["bash","-c"]
- {{- if .Values.global.aafEnabled }}
- args: ["export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0);\
- export _JAVA_OPTIONS=\"-Djavax.net.ssl.trustStorePassword=$cadi_truststore_password \
- -Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\
- /start-apache-tomcat.sh -i \"\" -n \"\" -b {{ .Values.global.env.tomcatDir }}"]
- env:
- - name: CATALINA_OPTS
- value: >
- -Djavax.net.ssl.keyStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}"
- -Djavax.net.ssl.trustStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}"
- {{- else }}
- args: ["/start-apache-tomcat.sh -i \"\" -n \"\" -b {{ .Values.global.env.tomcatDir }}"]
- {{- end }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
- - containerPort: {{ .Values.service.internalPort3 }}
- - containerPort: {{ .Values.service.internalPort4 }}
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 8 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/fusion/conf/fusion.properties"
- subPath: fusion.properties
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/openid-connect.properties"
- subPath: openid-connect.properties
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/conf/system.properties"
- subPath: system.properties
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/portal.properties"
- subPath: portal.properties
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/key.properties"
- subPath: key.properties
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/music.properties"
- subPath: music.properties
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/logback.xml"
- subPath: logback.xml
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml"
- subPath: server.xml
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/web.xml"
- subPath: web.xml
- - name: properties-onapportal
- mountPath: "{{ .Values.global.env.tomcatDir }}/temp"
- - name: var-log-onap
- mountPath: "{{ .Values.log.path }}"
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
-{{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- {{ include "common.log.sidecar" . | nindent 6 }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
-{{ include "common.certInitializer.volumes" . | indent 8 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: properties-onapportal
- emptyDir:
- medium: Memory
- - name: properties-onapportal-scrubbed
- configMap:
- name: {{ include "common.fullname" . }}-onapportal
- defaultMode: 0755
- {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix . )) | nindent 8 }}
- - name: var-log-onap
- emptyDir: {}
- - name: portal-tomcat-logs
- emptyDir: {}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/portal/components/portal-app/templates/ingress.yaml b/kubernetes/portal/components/portal-app/templates/ingress.yaml
deleted file mode 100644
index 8f87c68f1e..0000000000
--- a/kubernetes/portal/components/portal-app/templates/ingress.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "common.ingress" . }}
diff --git a/kubernetes/portal/components/portal-app/templates/secret.yaml b/kubernetes/portal/components/portal-app/templates/secret.yaml
deleted file mode 100644
index 78fc709202..0000000000
--- a/kubernetes/portal/components/portal-app/templates/secret.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-# Modifications Copyright © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/portal/components/portal-app/templates/service.yaml b/kubernetes/portal/components/portal-app/templates/service.yaml
deleted file mode 100644
index 523b950f8b..0000000000
--- a/kubernetes/portal/components/portal-app/templates/service.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
- msb.onap.org/service-info: '[
- {
- "serviceName": "portal",
- "version": "v2",
- "url": "/",
- "protocol": "REST"
- "port": "{{ .Values.service.externalPort }}",
- "visualRange":"1"
- }
- ]'
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{ if or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer") -}}
- - port: {{ .Values.service.externalPort4 }}
- targetPort: {{ .Values.service.internalPort4 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
- name: {{ .Values.service.portName }}4
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName }}2
- - port: {{ .Values.service.externalPort3 }}
- targetPort: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.portName }}3
- {{- end }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/portal/components/portal-app/values.yaml b/kubernetes/portal/components/portal-app/values.yaml
deleted file mode 100644
index 483a7f3568..0000000000
--- a/kubernetes/portal/components/portal-app/values.yaml
+++ /dev/null
@@ -1,179 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018,2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- env:
- tomcatDir: "/usr/local/tomcat"
- nodePortPrefix: 302
- #AAF service
- aafEnabled: true
-
-################################################################
-# Secrets metaconfig
-#################################################################
-
-secrets:
- - uid: portal-cass
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.cassandra.config.cassandraExternalSecret) . }}'
- login: '{{ .Values.cassandra.config.cassandraUsername }}'
- password: '{{ .Values.cassandra.config.cassandraPassword }}'
- passwordPolicy: required
- - uid: cipher-enc-key
- type: password
- externalSecret: '{{ .Values.config.cipherEncKeyExternalSecret}}'
- password: '{{ .Values.config.cipherEncKey }}'
- passwordPolicy: required
- - uid: portal-backend-db
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.mariadb.config.backendDbExternalSecret) . }}'
- login: '{{ .Values.mariadb.config.backendUserName }}'
- password: '{{ .Values.mariadb.config.backendPassword }}'
- passwordPolicy: required
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-# application image
-image: onap/portal-app:3.4.2
-pullPolicy: Always
-
-# application configuration
-config:
- # cipherEncKeyExternalSecret: some secret
- cipherEncKey: AGLDdG4D04BKm2IxIWEr8o==!
-
-#AAF local config
-
-aafURL: https://aaf-service:8100/authz/
-certInitializer:
- nameOverride: portal-app-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- fqdn: portal
- fqi: portal@portal.onap.org
- public_fqdn: portal.onap.org
- cadi_latitude: "38.0"
- cadi_longitude: "-72.0"
- credsPath: /opt/app/osaaf/local
- app_ns: org.osaaf.aaf
- permission_user: 1000
- permission_group: 999
- keystoreFile: "org.onap.portal.p12"
- truststoreFile: "org.onap.portal.trust.jks"
- aaf_add_config: |
- echo "cadi_truststore_password=$cadi_truststore_password" > {{ .Values.credsPath }}/mycreds.prop
- echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" >> {{ .Values.credsPath }}/mycreds.prop
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: LoadBalancer
- name: portal-app
- portName: portal-app
- externalPort: 8989
- internalPort: 8080
- nodePort: 15
- externalPort2: 8006
- internalPort2: 8005
- nodePort2: 13
- externalPort3: 8010
- internalPort3: 8009
- nodePort3: 14
- externalPort4: 8443
- internalPort4: 8443
- nodePort4: 25
-
-mariadb:
- service:
- name: portal-db
- config:
- # backendDbExternalSecret: some secret
- backendUserName: portal
- backendPassword: portal
-widget:
- service:
- name: portal-widget
-cassandra:
- service:
- name: portal-cassandra
- config:
- # cassandraExternalSecret: some secret
- cassandraUsername: root
- cassandraPassword: Aa123456
-messageRouter:
- service:
- name: message-router
-
-ingress:
- enabled: false
- service:
- - baseaddr: portal-ui
- name: "portal-app"
- port: 8443
- plain_port: 8080
- config:
- ssl: "redirect"
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 2.2
- memory: 800Mi
- requests:
- cpu: 30m
- memory: 460Mi
- large:
- limits:
- cpu: 4
- memory: 15Gi
- requests:
- cpu: 2
- memory: 8Gi
- unlimited: {}
-
-# Log configuration
-log:
- path: /var/log/onap
-logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-#Pods Service Account
-serviceAccount:
- nameOverride: portal-app
- roles:
- - read
diff --git a/kubernetes/portal/components/portal-cassandra/.helmignore b/kubernetes/portal/components/portal-cassandra/.helmignore
deleted file mode 100644
index daebc7da77..0000000000
--- a/kubernetes/portal/components/portal-cassandra/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/portal/components/portal-cassandra/Chart.yaml b/kubernetes/portal/components/portal-cassandra/Chart.yaml
deleted file mode 100644
index 21ec14daef..0000000000
--- a/kubernetes/portal/components/portal-cassandra/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Portal cassandra
-name: portal-cassandra
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql b/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql
deleted file mode 100644
index 21715a9e2a..0000000000
--- a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql
+++ /dev/null
@@ -1,72 +0,0 @@
-// Copyright (c) 2018 Amdocs, Bell Canada, AT&T
-// Modifications Copyright (c) 2020 Nokia
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-CREATE KEYSPACE IF NOT EXISTS portal
- WITH REPLICATION = {
- 'class' : 'SimpleStrategy',
- 'replication_factor': 1
- }
- AND DURABLE_WRITES = true;
-
-
-CREATE TABLE portal.spring_session (
- primary_id text PRIMARY KEY,
- creation_time text,
- expiry_time text,
- last_access_time text,
- max_inactive_interval text,
- principal_name text,
- session_id text,
- vector_ts text
-) WITH bloom_filter_fp_chance = 0.01
- AND caching = {'keys': 'ALL', 'rows_per_partition': '10'}
- AND comment = ''
- AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
- AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
- AND crc_check_chance = 1.0
- AND dclocal_read_repair_chance = 0.1
- AND default_time_to_live = 0
- AND gc_grace_seconds = 864000
- AND max_index_interval = 2048
- AND memtable_flush_period_in_ms = 0
- AND min_index_interval = 128
- AND read_repair_chance = 0.0
- AND speculative_retry = '99PERCENTILE';
-
-
-CREATE TABLE portal.spring_session_attributes (
- primary_id text,
- attribute_name text,
- attribute_bytes blob,
- vector_ts text,
- PRIMARY KEY (primary_id, attribute_name)
-) WITH CLUSTERING ORDER BY (attribute_name ASC)
- AND bloom_filter_fp_chance = 0.01
- AND caching = {'keys': 'ALL', 'rows_per_partition': '1'}
- AND comment = ''
- AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
- AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
- AND crc_check_chance = 1.0
- AND dclocal_read_repair_chance = 0.1
- AND default_time_to_live = 0
- AND gc_grace_seconds = 864000
- AND max_index_interval = 2048
- AND memtable_flush_period_in_ms = 0
- AND min_index_interval = 128
- AND read_repair_chance = 0.0
- AND speculative_retry = '99PERCENTILE';
-
-CREATE TABLE portal.health_check (primary_id text PRIMARY KEY, creation_time text);
-insert into portal.health_check (primary_id,creation_time) values ('ECOMPPortal-25927','2018-05-25T20:14:39.408Z');
diff --git a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql b/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql
deleted file mode 100644
index a9771bfa5d..0000000000
--- a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql
+++ /dev/null
@@ -1,145 +0,0 @@
-// Copyright © 2018 Amdocs, Bell Canada, AT&T
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-
-CREATE KEYSPACE IF NOT EXISTS admin
- WITH REPLICATION = {
- 'class' : 'SimpleStrategy',
- 'replication_factor': 1
- }
- AND DURABLE_WRITES = true;
-
-CREATE TABLE IF NOT EXISTS admin.keyspace_master (
- uuid uuid,
- keyspace_name text,
- application_name text,
- is_api boolean,
- password text,
- username text,
- is_aaf boolean,
- PRIMARY KEY (uuid)
-);
-
-
-CREATE KEYSPACE IF NOT EXISTS portal
- WITH REPLICATION = {
- 'class' : 'SimpleStrategy',
- 'replication_factor': 1
- }
- AND DURABLE_WRITES = true;
-
-
-CREATE TABLE portal.spring_session (
- primary_id text PRIMARY KEY,
- creation_time text,
- expiry_time text,
- last_access_time text,
- max_inactive_interval text,
- principal_name text,
- session_id text,
- vector_ts text
-) WITH bloom_filter_fp_chance = 0.01
- AND caching = {'keys': 'ALL', 'rows_per_partition': '10'}
- AND comment = ''
- AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
- AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
- AND crc_check_chance = 1.0
- AND dclocal_read_repair_chance = 0.1
- AND default_time_to_live = 0
- AND gc_grace_seconds = 864000
- AND max_index_interval = 2048
- AND memtable_flush_period_in_ms = 0
- AND min_index_interval = 128
- AND read_repair_chance = 0.0
- AND speculative_retry = '99PERCENTILE';
-
-
-CREATE TABLE portal.spring_session_attributes (
- primary_id text,
- attribute_name text,
- attribute_bytes blob,
- vector_ts text,
- PRIMARY KEY (primary_id, attribute_name)
-) WITH CLUSTERING ORDER BY (attribute_name ASC)
- AND bloom_filter_fp_chance = 0.01
- AND caching = {'keys': 'ALL', 'rows_per_partition': '1'}
- AND comment = ''
- AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
- AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
- AND crc_check_chance = 1.0
- AND dclocal_read_repair_chance = 0.1
- AND default_time_to_live = 0
- AND gc_grace_seconds = 864000
- AND max_index_interval = 2048
- AND memtable_flush_period_in_ms = 0
- AND min_index_interval = 128
- AND read_repair_chance = 0.0
- AND speculative_retry = '99PERCENTILE';
-
-
-
-CREATE KEYSPACE IF NOT EXISTS portalsdk
- WITH REPLICATION = {
- 'class' : 'SimpleStrategy',
- 'replication_factor': 1
- }
- AND DURABLE_WRITES = true;
-
-
-CREATE TABLE portalsdk.spring_session (
- primary_id text PRIMARY KEY,
- creation_time text,
- expiry_time text,
- last_access_time text,
- max_inactive_interval text,
- principal_name text,
- session_id text,
- vector_ts text
-) WITH bloom_filter_fp_chance = 0.01
- AND caching = {'keys': 'ALL', 'rows_per_partition': '10'}
- AND comment = ''
- AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
- AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
- AND crc_check_chance = 1.0
- AND dclocal_read_repair_chance = 0.1
- AND default_time_to_live = 0
- AND gc_grace_seconds = 864000
- AND max_index_interval = 2048
- AND memtable_flush_period_in_ms = 0
- AND min_index_interval = 128
- AND read_repair_chance = 0.0
- AND speculative_retry = '99PERCENTILE';
-
-
-CREATE TABLE portalsdk.spring_session_attributes (
- primary_id text,
- attribute_name text,
- attribute_bytes blob,
- vector_ts text,
- PRIMARY KEY (primary_id, attribute_name)
-) WITH CLUSTERING ORDER BY (attribute_name ASC)
- AND bloom_filter_fp_chance = 0.01
- AND caching = {'keys': 'ALL', 'rows_per_partition': '1'}
- AND comment = ''
- AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
- AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
- AND crc_check_chance = 1.0
- AND dclocal_read_repair_chance = 0.1
- AND default_time_to_live = 0
- AND gc_grace_seconds = 864000
- AND max_index_interval = 2048
- AND memtable_flush_period_in_ms = 0
- AND min_index_interval = 128
- AND read_repair_chance = 0.0
- AND speculative_retry = '99PERCENTILE'; \ No newline at end of file
diff --git a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portalsdk.cql b/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portalsdk.cql
deleted file mode 100644
index 4f6148e3f1..0000000000
--- a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portalsdk.cql
+++ /dev/null
@@ -1,68 +0,0 @@
-// Copyright © 2018 Amdocs, Bell Canada, AT&T
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-CREATE KEYSPACE IF NOT EXISTS portalsdk
- WITH REPLICATION = {
- 'class' : 'SimpleStrategy',
- 'replication_factor': 1
- }
- AND DURABLE_WRITES = true;
-
-
-CREATE TABLE portalsdk.spring_session (
- primary_id text PRIMARY KEY,
- creation_time text,
- expiry_time text,
- last_access_time text,
- max_inactive_interval text,
- principal_name text,
- session_id text,
- vector_ts text
-) WITH bloom_filter_fp_chance = 0.01
- AND caching = {'keys': 'ALL', 'rows_per_partition': '10'}
- AND comment = ''
- AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
- AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
- AND crc_check_chance = 1.0
- AND dclocal_read_repair_chance = 0.1
- AND default_time_to_live = 0
- AND gc_grace_seconds = 864000
- AND max_index_interval = 2048
- AND memtable_flush_period_in_ms = 0
- AND min_index_interval = 128
- AND read_repair_chance = 0.0
- AND speculative_retry = '99PERCENTILE';
-
-
-CREATE TABLE portalsdk.spring_session_attributes (
- primary_id text,
- attribute_name text,
- attribute_bytes blob,
- vector_ts text,
- PRIMARY KEY (primary_id, attribute_name)
-) WITH CLUSTERING ORDER BY (attribute_name ASC)
- AND bloom_filter_fp_chance = 0.01
- AND caching = {'keys': 'ALL', 'rows_per_partition': '1'}
- AND comment = ''
- AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
- AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
- AND crc_check_chance = 1.0
- AND dclocal_read_repair_chance = 0.1
- AND default_time_to_live = 0
- AND gc_grace_seconds = 864000
- AND max_index_interval = 2048
- AND memtable_flush_period_in_ms = 0
- AND min_index_interval = 128
- AND read_repair_chance = 0.0
- AND speculative_retry = '99PERCENTILE';
diff --git a/kubernetes/portal/components/portal-cassandra/templates/NOTES.txt b/kubernetes/portal/components/portal-cassandra/templates/NOTES.txt
deleted file mode 100644
index ee7a285cc0..0000000000
--- a/kubernetes/portal/components/portal-cassandra/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/portal/components/portal-cassandra/templates/configmap.yaml b/kubernetes/portal/components/portal-cassandra/templates/configmap.yaml
deleted file mode 100644
index 5cd33b43a2..0000000000
--- a/kubernetes/portal/components/portal-cassandra/templates/configmap.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-docker-entry-initd
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/cassandra/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }}
-
diff --git a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
deleted file mode 100644
index e0bf941f54..0000000000
--- a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
+++ /dev/null
@@ -1,157 +0,0 @@
-{{/*
-# Copyright (c) 2017 Amdocs, Bell Canada
-# Modifications Copyright (c) 2018 AT&T
-# Modifications Copyright (c) 2020 Nokia, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /bin/bash
- - -c
- - |
- /opt/bitnami/scripts/cassandra/entrypoint.sh /opt/bitnami/scripts/cassandra/run.sh
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
- - containerPort: {{ .Values.service.internalPort3 }}
- - containerPort: {{ .Values.service.internalPort4 }}
- - containerPort: {{ .Values.service.internalPort5 }}
- {{ if eq .Values.liveness.enabled true }}
- livenessProbe:
- exec:
- command:
- - /bin/bash
- - -ec
- - |
- nodetool status
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- successThreshold: {{ .Values.liveness.successThreshold }}
- failureThreshold: {{ .Values.liveness.failureThreshold }}
- {{ end }}
- readinessProbe:
- exec:
- command:
- - /bin/bash
- - -ec
- - |
- nodetool status | grep -E "^UN\\s+${POD_IP}"
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
- successThreshold: {{ .Values.readiness.successThreshold }}
- failureThreshold: {{ .Values.readiness.failureThreshold }}
- lifecycle:
- preStop:
- exec:
- command:
- - bash
- - -ec
- - nodetool decommission
- env:
- - name: CASSANDRA_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12}}
- - name: CASSANDRA_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12}}
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: CASSANDRA_PASSWORD_SEEDER
- value: "yes"
- - name: BITNAMI_DEBUG
- value: "true"
- - name: CASSANDRA_CLUSTER_NAME
- value: cassandra
- - name: CASSANDRA_NUM_TOKENS
- value: "256"
- - name: CASSANDRA_DATACENTER
- value: dc1
- - name: CASSANDRA_ENDPOINT_SNITCH
- value: SimpleSnitch
- - name: CASSANDRA_RACK
- value: rack1
- - name: CASSANDRA_ENABLE_RPC
- value: "true"
- {{- $flavor := include "common.flavor" . }}
- {{- $heap := pluck $flavor .Values.heap | first }}
- {{- if (hasKey $heap "max") }}
- - name: MAX_HEAP_SIZE
- value: {{ $heap.max }}
- {{- end }}
- {{- if (hasKey $heap "new") }}
- - name: HEAP_NEWSIZE
- value: {{ $heap.new }}
- {{- end }}
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: cassandra-docker-entrypoint-initdb
- mountPath: /docker-entrypoint-initdb.d/aaa_portal.cql
- subPath: portal.cql
- - name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/cassandra/data
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - name: cassandra-docker-entrypoint-initdb
- configMap:
- name: {{ include "common.fullname" . }}-docker-entry-initd
- - name: localtime
- hostPath:
- path: /etc/localtime
- {{- if .Values.persistence.enabled }}
- - name: {{ include "common.fullname" . }}-data
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/portal/components/portal-cassandra/templates/pv.yaml b/kubernetes/portal/components/portal-cassandra/templates/pv.yaml
deleted file mode 100644
index e10b003570..0000000000
--- a/kubernetes/portal/components/portal-cassandra/templates/pv.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/portal/components/portal-cassandra/templates/pvc.yaml b/kubernetes/portal/components/portal-cassandra/templates/pvc.yaml
deleted file mode 100644
index 1cadcc51d5..0000000000
--- a/kubernetes/portal/components/portal-cassandra/templates/pvc.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- end -}}
diff --git a/kubernetes/portal/components/portal-cassandra/templates/secrets.yaml b/kubernetes/portal/components/portal-cassandra/templates/secrets.yaml
deleted file mode 100644
index 34932b713d..0000000000
--- a/kubernetes/portal/components/portal-cassandra/templates/secrets.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/portal/components/portal-cassandra/templates/service.yaml b/kubernetes/portal/components/portal-cassandra/templates/service.yaml
deleted file mode 100644
index 8f486c2175..0000000000
--- a/kubernetes/portal/components/portal-cassandra/templates/service.yaml
+++ /dev/null
@@ -1,72 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.portName }}2
- - port: {{ .Values.service.externalPort3 }}
- targetPort: {{ .Values.service.internalPort3 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }}
- name: {{ .Values.service.portName }}3
- - port: {{ .Values.service.externalPort4 }}
- targetPort: {{ .Values.service.internalPort4 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
- name: {{ .Values.service.portName }}4
- - port: {{ .Values.service.externalPort5 }}
- targetPort: {{ .Values.service.internalPort5 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort5 }}
- name: {{ .Values.service.portName }}5
-
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName }}2
- - port: {{ .Values.service.externalPort3 }}
- targetPort: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.portName }}3
- - port: {{ .Values.service.externalPort4 }}
- targetPort: {{ .Values.service.internalPort4 }}
- name: {{ .Values.service.portName }}4
- - port: {{ .Values.service.externalPort5 }}
- targetPort: {{ .Values.service.internalPort5 }}
- name: {{ .Values.service.portName }}5
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/portal/components/portal-cassandra/values.yaml b/kubernetes/portal/components/portal-cassandra/values.yaml
deleted file mode 100644
index c3ffb4ffec..0000000000
--- a/kubernetes/portal/components/portal-cassandra/values.yaml
+++ /dev/null
@@ -1,148 +0,0 @@
-# Copyright (c) 2017 Amdocs, Bell Canada
-# Modifications Copyright (c) 2018 AT&T
-# Modifications Copyright (c) 2020 Nokia, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for mariadb.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-global: # global defaults
- nodePortPrefix: 302
- persistence: {}
-
-
-# application image
-image: bitnami/cassandra:3.11.9-debian-10-r30
-pullPolicy: Always
-
-#################################################################
-# Secrets metaconfig
-#################################################################
-secrets:
- - uid: 'db-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.config.cassandraExternalSecret) . }}'
- login: '{{ .Values.config.cassandraUsername }}'
- password: '{{ .Values.config.cassandraPassword }}'
-
-# application configuration
-config:
- cassandraUsername: root
- cassandraPassword: Aa123456
-# cassandraCredsExternalSecret: some secret
- cassandraJvmOpts: -Xmx2536m -Xms2536m
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 20
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 3
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 20
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 3
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: portal/cassandra/data
-
-service:
- type: ClusterIP
- name: portal-cassandra
- portName: portal-cassandra
- externalPort: 9160
- internalPort: 9160
- externalPort2: 7000
- internalPort2: 7000
- externalPort3: 7001
- internalPort3: 7001
- externalPort4: 7199
- internalPort4: 7199
- externalPort5: 9042
- internalPort5: 9042
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 500m
- memory: 3.75Gi
- requests:
- cpu: 160m
- memory: 3.1Gi
- large:
- limits:
- cpu: 4
- memory: 10Gi
- requests:
- cpu: 2
- memory: 6Gi
- unlimited: {}
-
-heap:
- # Heap size is tightly correlated to RAM limits.
- # If limit > 8G, Cassandra should define itself the best value.
- # If not, you must set up it in a coherent way with limits set
- # Refer to https://docs.datastax.com/en/cassandra-oss/3.0/cassandra/operations/opsTuneJVM.html#Determiningtheheapsize
- # for more informations.
- small:
- max: 3G
- new: 100M
- large: {}
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: portal-cassandra
- roles:
- - read
diff --git a/kubernetes/portal/components/portal-mariadb/.helmignore b/kubernetes/portal/components/portal-mariadb/.helmignore
deleted file mode 100644
index daebc7da77..0000000000
--- a/kubernetes/portal/components/portal-mariadb/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/portal/components/portal-mariadb/Chart.yaml b/kubernetes/portal/components/portal-mariadb/Chart.yaml
deleted file mode 100644
index c12659d903..0000000000
--- a/kubernetes/portal/components/portal-mariadb/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: MariaDB Service
-name: portal-mariadb
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
deleted file mode 100644
index 709877943c..0000000000
--- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
+++ /dev/null
@@ -1,384 +0,0 @@
-#!/bin/bash
-
-set -eo pipefail
-
-# logging functions
-mysql_log() {
- local type
- type="$1"; shift
- printf '%s [%s] [Entrypoint]: %s\n' "$(date --rfc-3339=seconds)" "$type" "$*"
-}
-mysql_note() {
- mysql_log Note "$@"
-}
-mysql_warn() {
- mysql_log Warn "$@" >&2
-}
-mysql_error() {
- mysql_log ERROR "$@" >&2
- exit 1
-}
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var
- var="$1"
- local fileVar
- fileVar="${var}_FILE"
- local def
- def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- mysql_error "Both $var and $fileVar are set (but are exclusive)"
- fi
- local val
- val="$def"
- # val="${!var}"
- # val="$(< "${!fileVar}")"
- # eval replacement of the bashism equivalents above presents no security issue here
- # since var and fileVar variables contents are derived from the file_env() function arguments.
- # This method is only called inside this script with a limited number of possible values.
- if [ "${!var:-}" ]; then
- eval val=\$$var
- elif [ "${!fileVar:-}" ]; then
- val="$(< "$(eval echo "\$$fileVar")")"
- fi
- export "$var"="$val"
- unset "$fileVar"
-}
-
-
-# usage: docker_process_init_files [file [file [...]]]
-# ie: docker_process_init_files /always-initdb.d/*
-# process initializer files, based on file extensions
-docker_process_init_files() {
- # mysql here for backwards compatibility "${mysql[@]}"
- mysql=( docker_process_sql )
-
- echo
- local f
- for f; do
- case "$f" in
- *.sh)
- # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
- # https://github.com/docker-library/postgres/pull/452
- if [ -x "$f" ]; then
- mysql_note "$0: running $f"
- "$f"
- else
- mysql_note "$0: sourcing $f"
- . "$f"
- fi
- ;;
- *.sql) mysql_note "$0: running $f"; docker_process_sql < "$f"; echo ;;
- *.sql.gz) mysql_note "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
- *.sql.xz) mysql_note "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
- *) mysql_warn "$0: ignoring $f" ;;
- esac
- echo
- done
-}
-
-mysql_check_config() {
- local toRun
- local errors
- toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" )
- if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
- mysql_error "$(printf 'mysqld failed while attempting to check config\n\tcommand was: ')${toRun[*]}$(printf'\n\t')$errors"
- fi
-}
-
-# Fetch value from server config
-# We use mysqld --verbose --help instead of my_print_defaults because the
-# latter only show values present in config files, and not server defaults
-mysql_get_config() {
- local conf
- conf="$1"; shift
- "$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \
- | awk -v conf="$conf" '$1 == conf && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
- # match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)"
-}
-
-# Do a temporary startup of the MySQL server, for init purposes
-docker_temp_server_start() {
- "$@" --skip-networking --socket="${SOCKET}" &
- mysql_note "Waiting for server startup"
- local i
- for i in $(seq 30 -1 0); do
- # only use the root password if the database has already been initializaed
- # so that it won't try to fill in a password file when it hasn't been set yet
- extraArgs=""
- if [ "$DATABASE_ALREADY_EXISTS" = "false" ]; then
- extraArgs=${extraArgs}" --dont-use-mysql-root-password"
- fi
- if echo 'SELECT 1' |docker_process_sql ${extraArgs} --database=mysql >/dev/null 2>&1; then
- break
- fi
- sleep 1
- done
- if [ "$i" = 0 ]; then
- mysql_error "Unable to start server."
- fi
-}
-
-# Stop the server. When using a local socket file mysqladmin will block until
-# the shutdown is complete.
-docker_temp_server_stop() {
- if ! mysqladmin --defaults-extra-file=<( _mysql_passfile ) shutdown -uroot --socket="${SOCKET}"; then
- mysql_error "Unable to shut down server."
- fi
-}
-
-# Verify that the minimally required password settings are set for new databases.
-docker_verify_minimum_env() {
- if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
- mysql_error "$(printf'Database is uninitialized and password option is not specified\n\tYou need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD')"
- fi
-}
-
-# creates folders for the database
-# also ensures permission for user mysql of run as root
-docker_create_db_directories() {
- local user
- user="$(id -u)"
-
- # TODO other directories that are used by default? like /var/lib/mysql-files
- # see https://github.com/docker-library/mysql/issues/562
- mkdir -p "$DATADIR"
-
- if [ "$user" = "0" ]; then
- # this will cause less disk access than `chown -R`
- find "$DATADIR" \! -user mysql -exec chown mysql '{}' +
- fi
-}
-
-# initializes the database directory
-docker_init_database_dir() {
- mysql_note "Initializing database files"
- installArgs=" --datadir=$DATADIR --rpm "
- if { mysql_install_db --help || :; } | grep -q -- '--auth-root-authentication-method'; then
- # beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password
- # see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3
- # (this flag doesn't exist in 10.0 and below)
- installArgs=${installArgs}" --auth-root-authentication-method=normal"
- fi
- # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here)
- mysql_install_db ${installArgs} "$(echo ${@} | sed 's/^ *[^ ]* *//')"
- mysql_note "Database files initialized"
-}
-
-if [ -z "$DATADIR" ]; then
- DATADIR='unknown'
-fi
-if [ -z "$SOCKET" ]; then
- SOCKET='unknown'
-fi
-if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- DATABASE_ALREADY_EXISTS='false'
-fi
-
-# Loads various settings that are used elsewhere in the script
-# This should be called after mysql_check_config, but before any other functions
-docker_setup_env() {
- # Get config
- DATADIR="$(mysql_get_config 'datadir' "$@")"
- SOCKET="$(mysql_get_config 'socket' "$@")"
-
- # Initialize values that might be stored in a file
- file_env 'MYSQL_ROOT_HOST' '%'
- file_env 'MYSQL_DATABASE'
- file_env 'MYSQL_USER'
- file_env 'MYSQL_PASSWORD'
- file_env 'MYSQL_ROOT_PASSWORD'
- file_env 'PORTAL_DB_TABLES'
-
- if [ -d "$DATADIR/mysql" ]; then
- DATABASE_ALREADY_EXISTS='true'
- fi
-}
-
-# Execute sql script, passed via stdin
-# usage: docker_process_sql [--dont-use-mysql-root-password] [mysql-cli-args]
-# ie: docker_process_sql --database=mydb <<<'INSERT ...'
-# ie: docker_process_sql --dont-use-mysql-root-password --database=mydb <my-file.sql
-docker_process_sql() {
- passfileArgs=""
- if [ '--dont-use-mysql-root-password' = "$1" ]; then
- passfileArgs=${passfileArgs}" $1"
- shift
- fi
- # args sent in can override this db, since they will be later in the command
- if [ -n "$MYSQL_DATABASE" ]; then
- set -- --database="$MYSQL_DATABASE" "$@"
- fi
-
- mysql --defaults-extra-file=<( _mysql_passfile ${passfileArgs}) --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@"
-}
-
-# Initializes database with timezone info and root password, plus optional extra db/user
-docker_setup_db() {
- # Load timezone info into database
- if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then
- {
- # Aria in 10.4+ is slow due to "transactional" (crash safety)
- # https://jira.mariadb.org/browse/MDEV-23326
- # https://github.com/docker-library/mariadb/issues/262
- local tztables
- tztables=( time_zone time_zone_leap_second time_zone_name time_zone_transition time_zone_transition_type )
- for table in "${tztables[@]}"; do
- echo "/*!100400 ALTER TABLE $table TRANSACTIONAL=0 */;"
- done
-
- # sed is for https://bugs.mysql.com/bug.php?id=20545
- mysql_tzinfo_to_sql /usr/share/zoneinfo \
- | sed 's/Local time zone must be set--see zic manual page/FCTY/'
-
- for table in "${tztables[@]}"; do
- echo "/*!100400 ALTER TABLE $table TRANSACTIONAL=1 */;"
- done
- } | docker_process_sql --dont-use-mysql-root-password --database=mysql
- # tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is not set yet
- fi
- # Generate random root password
- if [ -n "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
- export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
- mysql_note "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
- fi
- # Sets root password and creates root users for non-localhost hosts
- local rootCreate
- rootCreate=
- # default root to listen for connections from anywhere
- if [ -n "$MYSQL_ROOT_HOST" ] && [ "$MYSQL_ROOT_HOST" != 'localhost' ]; then
- # no, we don't care if read finds a terminating character in this heredoc
- # https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
- read -r -d '' rootCreate <<-EOSQL || true
- CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
- GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ;
-EOSQL
- fi
-
- # tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is just now being set
- docker_process_sql --dont-use-mysql-root-password --database=mysql <<-EOSQL
- -- What's done in this file shouldn't be replicated
- -- or products like mysql-fabric won't work
- SET @@SESSION.SQL_LOG_BIN=0;
-
- DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mariadb.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ;
- SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ;
- -- 10.1: https://github.com/MariaDB/server/blob/d925aec1c10cebf6c34825a7de50afe4e630aff4/scripts/mysql_secure_installation.sh#L347-L365
- -- 10.5: https://github.com/MariaDB/server/blob/00c3a28820c67c37ebbca72691f4897b57f2eed5/scripts/mysql_secure_installation.sh#L351-L369
- DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%' ;
-
- GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ;
- FLUSH PRIVILEGES ;
- ${rootCreate}
- DROP DATABASE IF EXISTS test ;
-EOSQL
-
- # Creates a custom database and user if specified
- if [ -n "$MYSQL_DATABASE" ]; then
- mysql_note "Creating database ${MYSQL_DATABASE}"
- echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" |docker_process_sql --database=mysql
- fi
-
- if [ -n "$MYSQL_USER" ] && [ -n "$MYSQL_PASSWORD" ]; then
- mysql_note "Creating user ${MYSQL_USER}"
- echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" |docker_process_sql --database=mysql
-
- if [ -n "$MYSQL_DATABASE" ]; then
- mysql_note "Giving user ${MYSQL_USER} access to schema ${MYSQL_DATABASE}"
- echo "GRANT ALL ON \`$(echo $MYSQL_DATABASE | sed 's@_@\\_@g')\`.* TO '$MYSQL_USER'@'%' ;" | docker_process_sql --database=mysql
- fi
-
- echo "FLUSH PRIVILEGES ;" | docker_process_sql --database=mysql
- fi
-}
-
-_mysql_passfile() {
- # echo the password to the "file" the client uses
- # the client command will use process substitution to create a file on the fly
- # ie: --defaults-extra-file=<( _mysql_passfile )
- if [ '--dont-use-mysql-root-password' != "$1" ] && [ -n "$MYSQL_ROOT_PASSWORD" ]; then
- cat <<-EOF
- [client]
- password="${MYSQL_ROOT_PASSWORD}"
-EOF
- fi
-}
-
-# check arguments for an option that would cause mysqld to stop
-# return true if there is one
-_mysql_want_help() {
- local arg
- for arg; do
- case "$arg" in
- -'?'|--help|--print-defaults|-V|--version)
- return 0
- ;;
- esac
- done
- return 1
-}
-
-_main() {
- # if command starts with an option, prepend mysqld
- if echo "$1" | grep '^-' >/dev/null; then
- set -- mysqld "$@"
- fi
-
- # skip setup if they aren't running mysqld or want an option that stops mysqld
- if [ "$1" = 'mysqld' ] && ! _mysql_want_help "$@"; then
- mysql_note "Entrypoint script for MySQL Server ${MARIADB_VERSION} started."
-
- mysql_check_config "$@"
- # Load various environment variables
- docker_setup_env "$@"
- docker_create_db_directories
-
- # If container is started as root user, restart as dedicated mysql user
- if [ "$(id -u)" = "0" ]; then
- mysql_note "Switching to dedicated user 'mysql'"
- exec gosu mysql "$0" "$@"
- fi
-
- # there's no database, so it needs to be initialized
- if [ "$DATABASE_ALREADY_EXISTS" = "false" ]; then
- docker_verify_minimum_env
-
- # check dir permissions to reduce likelihood of half-initialized database
- ls /docker-entrypoint-initdb.d/ > /dev/null
-
- docker_init_database_dir "$@"
-
- mysql_note "Starting temporary server"
- docker_temp_server_start "$@"
- mysql_note "Temporary server started."
-
- docker_setup_db
- docker_process_init_files /docker-entrypoint-initdb.d/*
-
- for i in $(echo $PORTAL_DB_TABLES | sed "s/,/ /g")
- do
- echo "Granting portal user ALL PRIVILEGES for table $i"
- echo "GRANT ALL ON \`$i\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}"
- done
-
- mysql_note "Stopping temporary server"
- docker_temp_server_stop
- mysql_note "Temporary server stopped"
-
- echo
- mysql_note "MySQL init process done. Ready for start up."
- echo
- fi
- fi
- exec "$@"
-}
-
-# If we are sourced from elsewhere, don't perform any further actions
-# https://stackoverflow.com/questions/2683279/how-to-detect-if-a-script-is-being-sourced/2942183#2942183
-if [ "$(basename $0)" = "docker-entrypoint.sh" ]; then
- _main "$@"
-fi
diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/oom_updates.sql b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/oom_updates.sql
deleted file mode 100644
index f9db78ba4d..0000000000
--- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/oom_updates.sql
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*/
-
-USE portal;
-/*
-Any updates required by OOM to the portaldb are made here.
-1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP
-while the OOM K8s version has these service split up.
-*/
--- app_url is the FE, app_rest_endpoint is the BE
---portal-sdk => TODO: doesn't open a node port yet
-update fn_app set app_url = 'https://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'https://portal-sdk:8443/ONAPPORTALSDK/api/v3' where app_name = 'xDemo App';
---dmaap-bc => the dmaap-bc doesn't open a node port..
-update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';
---sdc-be => 8443:30204
---sdc-fe => 8181:30206, 9443:30207
-update fn_app set app_url = 'https://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'https://sdc-be:8443/api/v3' where app_name = 'SDC';
---pap => 8443:30219
-update fn_app set app_url = 'https://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'https://pap:8443/onap/api/v3' where app_name = 'Policy';
---vid => 8080:30200
-update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v3' where app_name = 'Virtual Infrastructure Deployment';
---sparky => TODO: sparky doesn't open a node port yet
-update fn_app set app_url = 'https://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'https://aai-sparky-be.{{.Release.Namespace}}:8000/api/v2' where app_name = 'A&AI UI';
---cli => 8080:30260
-update fn_app set app_url = 'https://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';
---msb-iag => 80:30280
-update fn_app set app_url = 'https://{{.Values.config.msbHostName}}:{{.Values.config.msbPort}}/iui/microservices/default.html' where app_name = 'MSB';
-
-
-/*
-Create SO-Monitoring App
-*/
-INSERT IGNORE INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES
-(10, 'SO-Monitoring', 'images/cache/portal-345993588_92550.png', NULL, NULL, 'http://{{.Values.config.soMonitoringHostName}}:{{.Values.config.soMonitoringPort}}', NULL, 'http://so-monitoring:30224', '', '', NULL, 'password', 'Y', 'Y', NULL, 'user', '', '', '', 1,'N','SO-Monitoring');
-
-/*
-Add SO Monitoring to Default apps
-*/
-INSERT IGNORE INTO `fn_pers_user_app_sel` VALUES (10,1,10,'S');
-
-/*
-Add Contact information for SO Monitoring
-*/
-INSERT IGNORE INTO `fn_app_contact_us` (app_id, contact_name, contact_email, url, active_yn, description) VALUES ( 10,"SO Team","so@lists.onap.org","https://wiki.onap.org/display/DW/Approved+Projects",NULL, "Service Orchestration (SO).");
-
-/*
-Additionally, some more update statments; these should be refactored to another SQL file in future releases
-*/
-
--- portal
-update fn_app set auth_central = 'Y' , auth_namespace = 'org.onap.portal' where app_id = 1;
--- portal-sdk
-update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='ueb_key' where app_id = 2;
--- SDC
-update fn_app set app_username='sdc', app_password='j85yNhyIs7zKYbR1VlwEfNhS6b7Om4l0Gx5O8931sCI=', ueb_key='ueb_key' where app_id = 4;
--- policy
-update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='ueb_key_5', auth_central = 'Y' , auth_namespace = 'org.onap.policy' where app_id = 5;
--- vid
-update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='2Re7Pvdkgw5aeAUD', auth_central = 'Y' , auth_namespace = 'org.onap.vid' where app_id = 6;
--- aai sparky
-update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key_7' where app_id = 7;
-
--- Disabled Policy APP
-UPDATE fn_app fa SET fa.enabled = 'N' WHERE app_name = 'Policy';
--- Disabled AAIUI APP
-UPDATE fn_app fa SET fa.enabled = 'N' WHERE app_name = 'A&AI UI';
-/*
-Replace spaces with underscores for role names to match AAF role names
-*/
-UPDATE fn_role SET role_name= REPLACE(role_name, ' ', '_') WHERE active_yn= 'Y' AND role_id NOT IN (999);
-
-
-/*
-Onboard LF Acumos App
-*/
-INSERT IGNORE INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES
-(11, 'LF Acumos Marketplace', 'images/cache/portal_907838932_26954.png', NULL, NULL, 'https://marketplace.acumos.org/#/home', NULL, NULL, '', '', NULL, '', 'Y', 'Y', NULL, '', '', '', '', 2,'N',NULL);
-
-
--- add Acumos thumbnail
-UPDATE`fn_app`SET`thumbnail`=0x89504E470D0A1A0A0000000D494844520000010D0000004408060000009B326018000000017352474200AECE1CE90000000467414D410000B18F0BFC6105000000097048597300000EC400000EC401952B0E1B000051D749444154785EED7D07605555D6F54AEFBDF742120221F41E7A930E0A2A36D451B18E7DFC6C63EF3ACE388EBD6043054511A448EFBD844012D27BEFBD27FF5EFBBD28202558E67766B2E0E625EFB673CB5E67ED7DF639C7A443803F289A9BDB50515E8F152BE2B07A6D124C4C4DE0E06085871F9A0467672B242695A0ADDD048BBF3884E69676B8B8D962D8207F0C1FE887A8084F24A69600268087AB9D2CB63031913FBAD18D6EFC2AFC7F278DC2FC2AC41F2F4479692D2CADCD919F5B0D5F7F27F48EF6C5FAB509D8B93B0BA56575B077B4468B10C3002185E8DEDE58BE2A1E0E7696080E71C5965DE9B07790F56D406D630B5AE592AEBA241A3985B5D8B43713013E8E1814ED8388101739A329C2839CD13FD2D350806E74A31B1784FF6FA471707726962CDE8F92E21A2585BBFE321EC34787E2F18757A3674F2F9C482E415646194C2DCC6061618EC6D636F8783BE1A69B87E3B3250771F0483EEEBF672C3E5A72081DA6663033073ACC4CE507D0C2A5AD1D174F8BC489CC0A1C8C2B8095ADA5F085095ADADB10E2EB84293121F074B3C194E1C1C61275A31BDDE80AFEADA4D12A522023A504AFBFB811B107F2E02C465B5BDB8C19F3FBE1BE4726EB36CDB2CDE5733ED46D69E8266626686BEB40B390C05F1F9D821DBB32F0FDDA440C1D120467576BECDA93250AC502EDE27A989ACBB67239266666FA49A2B9624E1F1C4E2844625AB91CCF02AD72ACB0205704F9D8E3D3D589880872C193B78E44DF080F3D7F37BAD18D7343AAE6DF1759A92538B8331DFF7A76039EB9F73B3C74F357488E2F4280B8080162BC93A6F746700F77E3D6404E6639AAAB1B6069694E6140E180CAAA465CBB70308A44956CDB960A7B714B7CBCEC91935D095321156E632A3FDB4918F20779D054AECC4294C7722198FE3D3D1112E084E6A656D9B203365666B2AD097C3DEC515AD18067DFDF8BC389C5D87630475C20F171BAD18D6E9C15664F088CBFFF66686D6EC3C615C7F1CE4B9B4425B4E3BD57B6E2C89E0CE48991F78CF6C6806181E83F34182EEE7628CCADC4FEDD194200E5B016C5B0757332FAF4F545427C21CCC5E8EBEA5B3054B69F32B5279E7AEA079889AB626F6F891E611E481443178610C63085528709DD13611A3287280F33F9BEADBD0369D9559838320825E50DA8AC6D52F78401D29CC26A580939719BB6D60EFCE3B343D8775C084D088984D28D6E74E3E7F85D94464D5503CA4BAA111EE585CDDFC5C3D1C91A73AE1E827B9F9A0EDF405714E455E3DB2507B0EEDB38A48B12A14BB272D951EC1215B172591CEA6B9A71DB9DA34519B4C04388E5A2A99178F491756AE02489800017716B1A505BD748DB97A55D7F76B4B70B6F1874877E25DB9A8B5C696C6EC5EAADE9983C32183616E2CAC8AACADA46833221C7D0B591ED6C6DCC91955F855B9EDA886D877265AB6E74A31BA7E3778D6964A79562C95BBBE0EBE78CF8B83C242714C1CCDC1466A220CCADCDD121864AA36D1745D0DED20107676BF419E087E5CB6231624C18EEB8670C7C7D9CF0FE7B7BF1CD3747E1EC6A8792D25ADC7DCF587CF6C5117525CCCDCD657F03515068B4CBF13AC465818919AF4E8F4D57A54A148BAD9D05AE9E1D8DE89EEE2815D5F1F83BBB61696E8656F15AE64EEC818D7BB3515A590F37671B0CE8E981876E18063B1B0BC3C574A31BDD50FCA64AA3AEA6D1F89B01813DDC917EA2108BFFB90D19C9C5B013B7C2D6C61216E286988A410B65A82230E96817B7C314B9D915080C71839D9D158E1ECA868DAD052CACCC30615218EAEB5A9095550E7F21A0CCCC72545634A83A686B6B13C26947B3587E93B8450DCDED528E6654563608C1D4A1A0A81AC5A58D701542F2F3B4C7F4B1A1880EF7C0787179E68C0FD37D064779E2C68BFBE09EAB07E0A2114118D4CB03E5D54D4817D7A91BDDE8C6A9F8554AA3BDAD1DA50535D8BF351947F765236A4000D62F3F8A1B1F9D2CC6EF8A7D5B528420CC912A0AE3D8A11C5494D5A343C8C2C2C2523EDBD101337527DACD4415886BD1D8D486E8817EDAA272FC7821264C8D40AFDEBED8B02E11B32FE98BB008778486BAE39147D6E0E0915CB8B8DA6A1CC4D28A8B1C43140609C743C8C1DBD3019E1E767075B245634B2BF28A6B909255851BE747CB3A43BCE2D977F748194CB070566F04FA38EA77052535C8C8AB4589B85835428225423E61FECE18290AC84DDCAC6E74E37F1DBF9834F2324A11BB3303C7850C18836453C7F6EFE331686C0F210A4B34D43521490C7FD2DC3E6896DA9F6E4987FC4B4F2A467A6AA9A80E2B3172C377A6421A8C2FB4B677C02FD0052E1EF6D8B92D0DD3E74623E158018E1D2FC082AB07E3EE7BC7EAB95B455D3CF6F8063838580A5998CB37A259E4FC248DBAFA6694890A2912822A1157A356DC121373463D4C34DFE396AB07C2C949CE2D0AE799F7F68942E9C0B0BEDE78EECE51F866630A36EDCF4190B783B6CA3434B6C2CFCB1EF72F1CACE7ED4637BAF10B5B4FF2C43D483A9287A37BB3509A5F8D82AC0AA4C717C1D1CD0EA3A6F4C2F6B509E839C01F1525B5C84B2F478F282FA42516A140DC8F7E4383316058104E08193436B4AA719A98507188D10B5A5BDBE01BE08ADCCC32F41F1C80C2C26A3489F13258397D666FDD265548870961B1B105881342C9C8AC405A7A2952A55C39B955281375C0E42E4BB6B4385AC1C6CA12E6421C57CE89C2CE43F958B53515FE5E0EC82DAA858D28A176718F2AC5A5F97455BC0665738A6A905520D75552872BA74522C4CF49CF7B5814934F77AB4A37FEC771C1A4919F5186D59F1DC4CAC507909F5E863A632B04839AA3A7F5C291BD99A8AD6A847FB02B6A6B9A502D069C23063D767A14F2B24BB16753AAB8297598B770089CDCAC5155DE246E40931CD9A038D844EBE5EB888A8A460487B9232DA5144D0D2D98785124BEFD260E8D8D2D78E7ED3DEABE4C9A180E5F712B68E8241636B1527958989B69BC8344441DD5D8D48A9821816810923A9258289E503B22A47CCDADEDC828A8C2A59323B0799F2826E12D531353398E09A2C40D9A363A04EF7E7D0CF58D4DC82DAE45627A051EFEE72E38DA5B2032C4CD7043FECD484F4F47515109CA2BCA51525A8ABABA7A383B1B48AD1BDD381D35627F6952515695D6A1BCA0064599557016F5CCC688AE808E48E29E6C146654222FA904D6F69617E69E241ECEC1130B3F1735D00E7B91F8CC99606442BC0538B9DAA0F7D020ECDD9484E6A6360C1917266AA11C456294B4DC167103E6888B117F24178971F9AA307A0D0C44786F4F0D5A1E3D948B8AF23A315C33F41DE48FCAAA06F48EF6C1DAD509983AB30FF2F32AB17D7B3A1A8520DE7C6B3EEEB9F73B58D95868BE464888AB2809536489CA484A2B81B98519CC2CCDE59CEDA86F6E4564B827860DF4C7D2D5F13057774688A4A51DF75E3F148FBDB113B72D18802FD69D1032E980BBB30D068B32AAAD6FC57E51316CAE8D94E3975736C2CED60243FAF860E59654FCF5E6E188E9EFA7C7FA77A1AABA1AB7DF719794A54AAED70C2D52B6007F3FBCFBF6BF8C5B74A31BA762C9939BF1F1131BE1225E80982A8ACA2BB1F8E87D081197BC2B6066F69F7ABC8AAAE27A5434D5E2910F1674BDF5A4A2B806FFBCFF3B357647210833062F850C5833D78981470F0B46767231DA9A8546C4F8E84EB0C6679E9585F61F31C3FA15C7101EE58D9E7D7D5401A4C4E763CDD77128CAADC678511293448D58DB98225D8E13262A836C16DDD7175555F538723817F6F656183E2C5093BF7AF7F28295A5190A0A2AB1735726E2C4DD610BC96C513BE13DDC515FD3027F512C7D7A0A610CF0C39ACD295A16930EBA432668686A41AAB84B93C4553A72A244FE6EC55021A9182197A32965D829E446E5C126597B21272F775BA464552253C86BEAA810DCF7CA367CBE26D17073FE4D484FCF40756DAD90A2B9DE7F0B21C6CAEA2AE4648B4AEA4637CE80836B93606B632DCA9BFDB3E49D811992F6753D07898A9DEADD5AD4B5B5ECCD0AB9CBA4B14C6AE48AA23A58DB592963197E98A059DC054F7F6771356C912A866B2E86CC55861805C39C063010DA2A35E3C6157188EAEF8F3031FA56A9ED2D8484524F1461D5D223C813A39C3AA72FAEB969246EBD672C6EBC7524C27B7A61DBA614588B8190A7AEB86AB09245CCA8505538E6723318AFA8AA6EC4814379DA2BD65A2EF2963F0DC67BAFCEC11BCFCF10C337415E41B5121E6326CCEFA04B532F6ECF8BF78DC590686F5C3A25920D381AEF2816F7C9C64A6E2F133CE41A790D24391B6B33511F4568927D678DED81E73ED8872FD69CD0EBFB7720AFA040DD370B7323695858A05648242D33D3B84537BA712AF2922A602D0A99F6672A2E899D8D0DF67C7B21EFAC89DA0DED598EA079555D228DF48442EC58190F4B1BB28C9108E4477B7B1B3AE40833AF1A88AFDED90D3B472B35311EB8435E6EF57CD4E2E4D4F2BB419D9862F597471035C01F3DA37C34186A618C43241ECFC3CA2F631112E6AAB5285B3B7CFD1C515FDB2C46DE8AFEB24F546F2F9E1DE3C6F5808BB315DAC405A172A08B66656586868666ACDB90AC01CE4E8C1911848B64FB61E24E0CECE38D3E111E1810E98587160DD7F5D7CEEA8D84F412EC1275C1E0A9A5B02955462778CD3C07FFD94859576E4D839790E4D491C178FE83FD2828A9356EF9FB8171A3B4D474BDA72C0BC1CF367906054226DDE8C6E9488BCD47637DB3D8DD4F66CEE127B2C49E7F0DBA441A6B3E3E8086DA4635640365C84B2BFF5B5B3A10D9CF1FC70FE648ED4F16922FD53581760E63A733F15594343AC42DE0BE06C633C1C695C7111CEE8E883EBE68A8695426B31515D3D6DA8A7D3B33F4BC3C46B528883113C25059D1881917472361733ABE7C6E2B02029C1112EA8626512F3421AA045E0CF7099675B572B30A8A6BD1246EC8079FC7E2D0D13CA46694A1B8B4566E648B2A0DF639518821E617D769CCC2688FA7C2F825B7A65C73B4B5C4C7AB12B4235C94B851EF7F7B4CD7FF9E686C6840764E8E14C55066067309733373A4A6A58B826267BC5F86D2B2721C8F4F405CDC71A4A4A619BF3D376A6AEB909B9B2F845588A2A2626D81EA0A2A2A2A919F5F8002594A4B4B8DDF1A617C1C67425171313233B3905F58A0EE6F5751585884CCAC6C3DE7AF459DA8BAE494541C8D3BA69F3535BFAEB2A895FD4F2425EBBD4FCFC8D0BCA7DF12E9B185686E6E517BEB7C5F482035E50D28C9ADD2BF7F09BA14089DEEFD28BC825C55DEB00F28E3027CC2ACFD46CDE885C3DB33505FDF045331AE0E133331E416F4ECE7AB599EF187F345013065DCF0A2B38584BBD34D6017F68BE6F5D5CE6C69C92586B13398013AAD0F32334A515C5CA3B189B03E5E181113825917F7C513B33E959B51808F33EE475C6201EEB97B259C5D6DF5980CC07AFB3A62D28470AC589D48FEC29851C158B12E093636426062F0ADCC3597B25709A98C1E1288BBAE1BA22FE15FFEBE0D85A5F5E2FF9D9A36CE817FFAF52439B5235148874A8460F9A9662E9D128135DB33B1E485E9FAFDEF85FCC2423CF0E0C342A2B55A067D09E47EF3A5F0F1F6C2DF5F7E11F60E17D61CBC69F3567CBBE23B949697CBF3AB5715C3B47C6727470C1F3E14575F7105ECECEC8C5B9F8AE5DFACC0DBEF7F0027074778C9F99F7FFA49383A3A18D79E1D7FFBFB6BD8BE63973C810EF4EAD51B2F3EFBA4710DB0E09AEBE4FEDBA0AAAA0A77DE7E0B468F1A854F967C8E6DDB7748F91A9418593E2B2B4B840405E3F65B6F86A7E7CF8734A8936B79F783C5883B7A4C5CD07AC37EF2AED9D8DA62C4D0A1B8FCF2F9728D5D6F714A494DC5871F7E82ACDC6C51B28D72CF9BA542B494725821223C0CB7DF7233BCBCBA3EA8D3B1F8447CF8F147282E2CD6B2F259D2D5B4B1B6469F3E5172BC9BE020F7F5D7E2ADBB5663CD5BFBE1E06A2395B229DAE59DA50D971556E3E9D50B31647A4FE39667477B5B076E897A0DD5ECEC595287073E9D7F6EA5D12086F5C683AB60EF6CA3014FC801CC483152DBD5D736A1F7E0409497D6A1A2A446D7EB2A13210659DF202E859DAD35CF4A7A817C6DD88635921C877EB954F5F8F6A3FD881A148879D70CC6F5778CC6B44BFA234708E3C4B17CD456376B3F921D9B92111AE18E385119C7B6666A6C65F9ABBBD02FDA0F11F27D436D0B5AEA5BD1A7B73762860663F98A63A8AD6B4249592DECACE56188E2618F59AA040B59AC84CCE86A4489D2197BF5122CF93E01D7CE8ED2DEAD4CE8D20B3905244983DAE8045B2FAAEB5AB0646D12E64D0A47A5361BFF7E28CC93DAB9A0486B0A7B0707C4C4C4FC68E4256565C8931AB8ABC8CECDC51D77DD8FBF3CF81032B2B2D0D8D8A8C7B1104320A83C967CB10CD366CEC5DE7DFBF4BBD3D1D6D62A06D480C6A646DDBFD3653A1F9A5B9AE51E1BF669967D4F46BEB859C5A228D84AF4C3C64D983BEF727CF0E1C7A248CA757B1A575353132A2BABB067FF7E4C9F7B095E7BFD0D253C82EB972DFF0613264FC3AA55DFCB7594EAF6BA9F187A9990E3E7CB9661C6EC8BF1DDCAD57AFFCE052A89E75F7A190BAFBF09878FC66AF336AFD35A8C9B9FBCFE3DFBF663EEA597E39DF73F947B72EE6115CA45653DFEE4B3B8F6FA3F21E944326AEAEAF438DA7F4ACA585D5383F51B3763F28C3958FAF572E35EBF0C3C5EC2CE6CD8DA5BA2BAAC01F31F18A53DB9F96ED3ED4FDCFDCB83E767250DD6BE2FDFFE35B689013AB8D8A9AA2028723AE4E4D622D1C3A27D70786BAA30B8A53E00C37BC3D609533437081B4B4DCCDD648D128D6E4349201BF2A218CD6564F6E0F6345C77C718CC5D301033E645235E5C89BABA66D4892196145523BABF1FA2A27CF1BDB02607E4616067C757F168916D66CC8C4265553D2688E17A78D861D5DA04348BE133586A21ECCA1A8DA9EB94CFDA7222A4C1E65F17276B0D74BA3AD9606F5C81E68AF41577C35D58992ECF8FC4219FBC2EC3B59D0AC63758CE6FB6A42221B5144542A0BF1732A59663262CEF2163436347C7E82789902F7757E5774949291EFEEB13E2D2A4A0478F1EF2C25AA8D151FE17899AA9A8A8D04BF7F4F080938B339E7AF605AC5DFB8361E79340C94BD7882F3C09B9ABE0B6BA8F2CA7E70A58496DCB1A9C2A80AE9289AC670DCE6746A2A91405C2C06F9BBC3BF6A280820202F0FDDA75F8EB134FE9FEFF7AE36DBCFFFE62F8F9F9C2D5D555BFA3A1733FD6E87C193DDCDDE12ECBEB6FBD850F167FACDB9C0D4F3EFBBCAA315F5F1FD8DBDB0B41CAFB5852823CA36BC5BF1D85C0BDBDBCF09518F94B7FFB8771CF9F83E57FE6F917B06BCF6EBDEF241E920CCB5626A4CF67C867EB2AF7DCC7CB1B1F8852FAE8E34F8D7B5F38CAF36B64A916F56E8EA6D666F41E1988B0413E1AE360AA42AA7800BF14674DEE7A6CC12738BE37138ECEB654F5F222D1E06485B046A348E27173FB885B928646A9E5D90C43FFA3C354B7926DE4B593173A24D203A9C70B35B6C17C0E53715D94DDE580A6F2A9BD5CE54F4BB988590B06E879EDEDAD11D4C31DC347F5C0D09860F4EAE38BEB6F1B898AAC2ABC7AC7D770F370D2F3652617C23BD415D32FEF2F72DD547CC20AEC3B98A301513359CF7270F42E929BB5FC5D5ED5242445E33741ADB852F32E8AC4BA9DE92AD7AA453579BAD9A1ACAA01BD42DD902B6E115B584C29E984A4BC3D6C95344BCAEB7FF6A233685A2EFB6517D6A0A2BA51D3CE1DD8C2F41BE3BD0F3E16D96EE84047497CF5950BB062E52A91CAAD526337C1C5D909C3447A9F0F575F7B83D468D56A04AC29298BC78C1E2D527F11E6CE9E8D5E3D7B222B3B5B6B452B3160BA905BB76F47FF7E7DD5383A91909888FD070EC34A5E7E1AF094C993D46D381F76EFD9A33106C2C3C35DF7EB045D114AFECEDA97464E92701302183A7408264F1C0FFFA000A914C4784BCB94F429E9A950D6AD5F8FB8E3C7F5BA181C6E1077C64B5C9751A34662C2D831F0F1F4929ABD560D94C4642DE7D9272AC1598C3452AEF974BC4A376AD72EB9AFCEF22EB4A84B327CC810DC74D30D5878CD9518346080BA3D1999D9FA4ED8885B159F9080D696560C1CD0DF78949FF0F853CFE2C8915838CBF1E8BEB7C812E8EF8FF9975C82C99326C0C7C70BE5E5157ADFA90458C69DBB760B89B8213232C27894AEE3C09A64ECFE3651EE9189DC232B2C78740C9A4419EFFB3E09B68E56EA098CB9AC0F6CD89DE31C904780EFDFDC87A686568D05C65CD2FBCC4A63E5077B706C4F269CC490280CC8017439A8325A9ADBE017ECA646999F5AA63108AD8D4D459AB5B33A66CD2E062B37CFD2D2C2A8500CF91C1DF2309581A4A6903DE49FB8398DCDB0B631C7210EC493558E171F5E8D6D1B92B07CC9413CF9C04A1CDE9F096F4F47ACF8FB6E5881B2507615B8B838E0D34737CB31A05DEF776C4F959ACA4C5F24BD5259CC854CB2B32B85D9DD34206A2A17C3264B27B9515413F57213581C5B7161761CCA41CF6057EC3E928FE9A3427558C056B600C975B3A4C6D39E11DCFF84943D59CE157BA2CCF8ED6F8BD8B8A35A3B35CB0B1C121CA4DF458485C97535C2567CF5838762F5BB73E1F32FBE446945191CC4B0688CBD7AF5C45BFF7A0D0FDC77B71A419FA8DE98356B063E7AFF5D5C77F55572EC668D05D0C0FEFEFABF37818CB5708B18EAEC9933F0F187EFE1A1BFDC87CB2F9D8F3B6FB9056FFFEB9F78F2AF8FC8B336536366DC8535353F196B6240F1E6458BB058AEE39E3BFF8CCB64BFBBEFFE3316BFF70E16CA7551E5B2F2721445B3F893CF548D9C8CC38763B165C74E5511748B78DCA79F7C0C4F3CF608468F1C81F0D0508C17227AF2B147657958899704C2ED7FD8B0116969E9C62319B07BEF3EECD8B1038E8E8E5A5E1AF1C30FDE8FB7DFF827165C360F53A74CC6AD52DE8F3E7817375EBF50EF3B89D343D4DE3FFEF5CBEE7B6A6C3E5A44713339CB23C409F62EB6088CF65295C177B9AEBC1129877E99DAF8196964261661E5FB7BE12CB52B0FAE8BFC508540F690DFC3C52D39BE3F1B162C00BF5362309000C17DF467A7C1A9111BBEE3EFBC2134C60631DAB09E5E183ABA075E796C2D567C7608DB37266947B7F0080F5C76CD50F1170DAC3DED96A1B2B761842DC2D2DA0C1585B558FBEE014D275F70C540D48BABC0726A49F8299BB68A9131C78365D77F42062E4EB6A8956D35182BFC45366EA86F456E41B52671ED921B3E634CA8BA68243D5E3F8F792E38D858E2B0DCBBDDE25A192FF637035D8616216183F2694770908134FAF58BD60021C939F53CAD1ED5D5D5D82852DB450C852F2E7B1A3FFDC4E3521B9F3980B7E0F24B317BC674A9F92AB416E5F11910FC77A15E8C75EA9429B8E3B65BF4BA4FC730511E7F11B2A30A2009D070F91E9697970B09DE8B8B67CF306E792AAEBAE2725CB56081920CF761D075CBB6EDC6B506ACDFB4194D727E3E75BA7F2C0349F54C60396EF8D3427DB7E82E928C491227E34371833A039B54770FFDDF5F306AE448FDFB74CC9F7709AEBEEA0A7D5EBC6E12E3CA95DF1BD7761D25A2CCD95193EEBC5F989BAA73EF1017B87839C87B2DA421AA9895FE2FC1CF9EC6966F8EA2B2B816E63434351543FC81710AB624048A31338DBC30B35C5B4714F45BC44E9434E4C119BE6BD702F36FD11946E313C333AE673F10BF00174D375FF7F551B4092BDAD859C0D6CE5A7BC86E589388267123464F88C0076FED127FCC1753FE3408B5150DBA3FCF66EF6C8DE57FDB857629CF94291122A17D3536A18511B074626BAA2AACD9314DCAC37F9C07A5B8ACE1470223B998C90D8E4D2A45FF087764E456A348D6C70CF4937D0DC1ADCECB3A1B781C2A8E8DFBB2B16C7D8AF1DBDF06FB0F1E9617DC102C6300B957642FFD3EB26784948BD7C001884C909A7E76E2484E4ED5788685100C9B3D6FBDF90695F6E7C22D37DF68787EB2588A81B1D5E3DF01D6DA2E4E8E5824AEC0B9307CD8505C24C4525D5D23F700A815831C346800468B4B722E5C76E9251ADBE0794888DB4E228D969666ECD9BB57BF671075A8B82431230CF93C67C3B42917A17764A46E4F1C893DAACF8AA8A8AC404E7E9E1CCF5ACB396EDC580C1057EF5CB85208DBD3C35355A5B5EC177BEC9851B1770D65F9D5C84928D1CA84EF65483F43CAB8930801375F074365292E555EF26F401AC53995D8BD3A01760E56CA467C59D4E4E95AC817EDE287450D0F46DCAE74B918CA1C59ABEE0037960388FCEFBCB48E16832B63705FD8A2C24D643B395693280CBF00678C98148E355F1E5212222B32BB9379086672A1ACE5A7CCEA836C21A74FDED98D155FC7E2EA47C7C3C9D356FD4682637514A557206177365C84087A84BAA15F5F1F7978CCDD907F72523605B734B7C3D5C95A1E244B67026747A9618469D9BB5624882CE2CA48F92AAA1B50585287617D3DB1F560166CAD2C101DE681EA9A6634C98D56123C07D8FFC55AAE978AE3B704E3077413784F2CAD2DD5FF2502038244C2BA6A6D6B67678B6DDBCF6ED46C31696D6F55A5E2E4ECA43182AE60CCA81891EF75EA021D3B9E60FCF6F705DD8551725EBEF4E743CC88611A07E1B36D1675306FEE6CE39A7363FEFCB9DA4A43E24C3C9164FC562A98C616E4E6E4684C81EFFFC8E1C38C6BCE8DBE7DFB295170BFC2C242D4D51B82E2F1F189F23E1B62798C7D4C1A3F5EBF3F1FA65E344594739D3E77E69A5455767D402806414BB2AB74747E33331304F531BC2F768ED608161785E66A25B6937A300F7555A7B6607505A79046E2A16CD456366820B1D33C9406C48829FDFB8F0D436E7209AAA5B6A7B8A0612AC882FC9555B63C3CB23E13A7DAA586B79207CF422A64A7C6BA4678FA3961A4B8141BBE3D267FB3ED9DC3FD71F42ED9460ED1D0206E4BA427060E0BC28A2F63E5C19A61C907FBE01AEC8411737AA159540A37ACAF6AC2A069E1881CE10F6F0F7B79099A7464AF1E216E22C1DB34D8CA547533291753CB99A52AF7105E6EF6C6B472C335D018D98E6D29E5D87D341F23FBFA098199E2EB8DC9880872C64DF3FB625A4C885E42A9DC9FCA9A46540AE9742E0C80F2B35C1E4095289DEADA66DDF6B7006B85DCDC3C7D199BA416EC21FE742748141E6E547E2D2AB5D3334EF5A54F4683B1F5802D0FCE22959953D315D8D9DBA3B2AA5ADDA092B262E3B7BF2F5AE47AFC7C7C8C7F9D1B0E0EF64268361A0321B1D9D9762D57C5D7DB5B2B1FD6C4AD6DAD3FAA847A1A3B5F0C45071C1CBB962FC15C1955D282063916DD498284AB55AFDC7B4B2B4B25ECAE80DB65E7E46AAB566E5EBEC656BA8A8C6345FADEF09C76A2C67D420D2D490CFA07F47297EFDBD55D29CCA84055E9A9F19CAEE014D2387120076D2DA22CA486A6FD134A00626C6CC2ECD93F0087B7A569932779829B74928AFE4572503211C2905A9929DE6C52D56C41594D77C3D5C31113664561FD37C7502B8646C6E30BCC6DD984C7E1726A2A1BB170D1485494D661FBA6243839D92991FC202ECBC2C727C88368D45A9F893637BD320DFB572763EDBBFB70D32DC3F1AD10D184096172BA0E1D538342889DD148029CBA31C0D711F945D55A460E2DCA1B687CD61ADBE0A03D8744294C1D1D8A8AAA0684FA3962402F4FCC1A1B8AC76E1E81CBA7F4C49FE646E3964BFBE3D605FD71BB2C775C3E00B75D219FF2FB7D0B0763D2B04075E57E0B544A0D939797A7A4C09A67D8905307040A09095183A1FF5B595125EE598D71CD69A00AD440B53C1F7DEAC68B3E0F2E131FFBEF2FBF80179E7B1AF7DF738FF1DBDF0F343C4A71ED72D005E8BB6ABC14EE4BF2EF0AD8818BEF00F7E1313A732CA8167E245429C78F15E379C0B3D21E0883ED18FEB21322D3E3C8319988D7D0D0B566F9A183066AC21E03B0F7DF7B175C5C9C8D6BCE8F9443B91AFBA38DDA89C20E8AFA296EE51DEAA2F796EF404B633B724E9418D7741DA7DCE18C8442F179E526C9C90C2F9618BFBC68EC68367EDE006CFEFAB0484133BDA97A33C528F9A9FE96BC94FCCAB4DD38C0AFB0378D941314313FA2A9A1195E3ECE9830A70F562E39887AA9ADA942E404421386F8079B4E1BEADA30626C0F0C15A37DFD858D1ADF3097F7C7CAD214CB3EDE0F73776B4CBB7E08F28A4B31E78E91F00A71C66B37ADC0A78F6D85B3BD15AEBD76089E7F710B6EBF6504EC6C2CF502B3322BE1EFEF84DADA464C1EDD039B77640A9919A2C86C5161F9DAE5A5E1C3B61355B3FB709E267A3197C3C5591EBA11EEAED6281195B5431ECA27E2C6BDF6E921FC4B94D0BBDFC4E1BDAFE2F0CED771787F791C5EFA683F46DFB014B9856731E00B405A7ABA1099210988FD6F4EF7D7478E1CAEE3A3B28992E9DC59523B9D11BC58230CAF73D7C0969A91E2D30F1D3CE8BCBEF8FF179C7631AC2CBA02D6C23F816F89F1067512C685A2B3963D0D43878B1BA8F6C23398E09D7717D3AA0C2BCF011F1F6FCC9C310D93274C5017D1DADAC6B8E6FC48DE97AFEA9D15B157D0A9CAA6FFC41EB07660ACC3545CB166C46D3CBB3A3D1B4E218D9A8A7AED1B42A864978BA50FECEEE388C6FA46D494378A9F644898D25B4072E00DE08DD687209FFC2F44D32E4CD72612894A8299A5B6F6D61833B31776AC494093B83A1C8D9C7E0B9B67D97B8E8F9B29E6249149337BA3A2BC16FB76A58B3CB4963398889C3247B1B814EBBF4BC0C26726C0C5CA5EB3DC7EF8E020EA2AC43510F5B0E38B384C9FDD0B9EEE36F8528C79EA9408D8D858A0B4B4162E0EC2B801CE48CF2A975A9BE794F24A99D98AC3739BC9C568DC465D1513EC8DCDC7A8FE7E282EAFC396FDD9D8139B87A7DEDEAB4DC4D1E1EE9837310C574FEF8D20512E0DE2073343D456AE89FD57DC8468189C5DB7FBD7F73E4DCFCC56A5C71AD0CFD7578E7F6A5A3765B185B156A6FB525C7AE13547377E3F589A5B62A8A843B642D9DBDB69B0FAF1279E4195B87CBF07182FCC4B2D85A58DB9DA59FF2961C6350670D6421B3B4B7D9F989290117FE1F1B71F49E318FB7F70701C3118150DF283E4502F7E7ACF8101C817FF877E9A2637899D71ADEE2E864716FD31206A0447CBAA979ABD4E5C0D5B29E4DCEB0663EDD2232893DA9783F7980AB1F03CCA32240F35D876788B22183BB5173EFCC70E752998F04D22A1BAB1950B7EFBD5ED70F575C23F0FDD0A3731D88F1FD9A8AD288E2EB678EF8175F076B3C784F111484E29C521510C93C7856917782670B9CA368C653053B4336783B114CDD9901BDCC84C5271919CED2DE1EFE380C76F1B816F37A6E858A22BB7A7A14CAEE5586A197E103258B72B03C9B9E5983F290C8F2E1A0E2F371B1D098C933BD12D627F1B8ED3F16B9199912EB7A75D9B49434282B46FC6C9707674D20C48CA6B76F6CB48EBEE26FF47C3BD77DEAEA3ABD58A7BC96CD783878F60D16D7760F3D66DC62D7E3B146555C87B5AAD71C9BAB6460C9BF9F3C4B5DE314168A869520249FB0599A14A1A1C1323764B0AE6DC3412EE62904DA20C18372053B9FB39C1C5D316F1FB45D25B5BA87A205DD0255135220BA55EBB100AFD282693B00DD83FC405F3E478D73F380193E6F5C35AA9F91B6A9A6121F29F2D2406CA919F240C2106D6FD9C64E9D607262235B110077667E81406EA73CA5A06312D2C99CCD3847FBDBA4DFC342FBC7AFD724346AAA5B996ADAAB4012BFEB60B77DF351A33847838C87071492DA6882AE817ED8D0517472345589803F070D8401DB9DCCD4E7BAA4E1BDF03B3274660EA9810CC1A178E948C723C2BCAA257A8AB8E48EEED6AAF2D23D65206A6423736B7214988F4F9F70FE05D714BA68E0CC575B3A330634C0FF879D8C9353139ECDC7D11CE07F695C8C894FB6E69A81998CCD5D93FA413EE1E1CA13D5454468B3E07E652B0A9AE1B7F1C383939E31FAFBC02773737CDBF60C09681D7871E7D1CB7FDF96E6CDBB14353D27F0B6CFF2A1EB626563ACBA1B7872B3C835C8C6B7EC2F8ABFBA1BAA9415B368BCA2A50947D6153752869EC5A158F0DAA02AAD137A607265F31087D4784E0CFAFCCC5D34BAFC5C7CF6D109FCA122DA21E480C6D523B33D049D7857641DF89C1155B276BB8793B20A8A71716DE3701BD06FA638818A0871051694115CCA590745D0C1E5E2759C83F2111CAF946510403460663A39487C4C5E09E12926CC920255B66786E9F00839F66EF62A8753BFD53DE845DDF26A043882BBCA79BEC63AA599DE3C78661DAE49E18C39EB25323316E6408A68CEB81417DBC1115E1A199A4F12925D8272EC88A0DC958FCCD511D7478EBC11C8C18E0077B212492048FC773D17DE1EF9CF1CD5B08A249CAF4CED7B1F876530AF28A6A30B09717668E09C56C39C7D603BFBC6310D38AF30B0AF53E30101A1814605C732AD8078339272497DCDC5C7476E0EAC61F0741F2EC9E79F2714446466A65400406F823332B0B2FBCF8373CFED433DA09EFD722767D0A6C1CACD44DE931E0CC2D503DFAF9E8085E740C6C618D436B928D6BBA06531AFE916DA93A18F0814D4958FEC6766C5F1187BFBC7D29864B6DEDE6ED88EB1E9A8251337B63D2E5FD31FD9AC1987DE308CCBB3D0657DC331E57DD370E57DF3B1E178B441F3F371AFD4785C027D8552CD9780601ED9DC4221667F446D86221EA41B7216130FFC00C834787A24654CA66210D8EDD41462365304F84CA8663657096B57997F65797E28697A68A41B175C770322B31EE9423F9D8B5E204E6CCED8394B412AC597B420C4EB95131697C1876EFCBC61E21841DFBB2B079473A62138A5020245121F780238939DA5BA9A2609EC6BA1D9998333E140919A5F017426C6939E9C204BC060B7353383958A34E48EF6872093E5D2DC425DFD7335FBFE997AB8DA2E222D4371A92D94808BE3EBEFAFBE90813A541523113D78A636ED49E9616DD8D3F06820203F0F2F3CFE09A2BAF906754ABFD4CA83A98C075FC783C9E78F2193CF4C863F2DC7FB95B5B985E29B6648E5679EF7A0CF8A9AFD0C9B077B5416098A776ECB411577CEFAA9FF254BA025376712F2F96DA5164F54221873B5EB9180327448832F829505353598F0431B24352936E5A1E8B95EFEFC1672F6FC63B7FFD1E6F3FB2066F3DFA3D168B1AF9F2F5ED58FDD1416C5F790C6F3EB606B13BD3B1EA9383CA1F0347F740A3B827DAB4C51A5B3844DD0E59C7C2F71D168CC131A178FDC91FB4C544C7E0602C83D4411746544643631BFEFC9771422C0DB8FDFA2FD061698A2B1E9B809A52C3602854004C8679FFFEB5B0B630C7FD778FC30DD70FC3B7DFC5232BBB02B97955F87C692C6EB87A304244B63166C24E6DA41473EDB569D0403C17E3289C802921AD0C6EAEB64A003D7C1DB5A5E24C20A9B1BF8A839D05AE9D19A54DC45BF7E768B098B3D177AAA10BC1A1234785C4D853B8035EEE1E67CD5D0809098615631DBC4FB26D6CEC61E39A6EFCD1C044B43F5DB7102BBF5A863933A76B9C83791DAC141C1C1CE499C7E28AABAFC5D7DF7E6BDCA3EB483A90AB7147BE031636E6E815136C5CF373840AA1508D305C50927981EE495D7513FC42DC44DA5B60F3D24358F2D206EC5C791C2F2D5AAA999F6545D5F8FCD5ADA82AAB456579BD32189B73EC1DADE1222A84B9EC74495CDC1DE0EC6E0B7B7151189D8D1A1288951FEDC7472F6D4296487F374F7B8C12D78064A18381C8C9D54151FB6CC7F4F9FD34B6B26D5D229C5D6CB58F080D98A0BDB536B76B7F940917F5C292C5FB112B3768B3A888E9370D82AB9FA3BA4E848DA395104411F6AF4A44CC9860EC946BF8E18713D8BD374B5B4E366F4FC357E27E70D4F1A913C230415C155F2F3BED7BD2748A2A10BA1235C4806E49590382FD9C747473954AA741B311C5250A0B70C68C3161A811D2B3B1B1E421B06A5B1A0E8992F97194B00BC0891349DA94DA2244E5EEE90157D79FFBA704BF0FF0F3D52659F6F2DCBE73AF714D37FEA8B0B5B7C39D77DC867FBCF222A64C9CA041F9BADA3A1DC888CB3BEF7D88F73E586CDCBA6BC8385A8016A9586963D6527985449F7DC4F188C1FEE0F0066C8D600C3233AEEB43009A16A4976205E711D99381FADA16F1D54596DB5AA238BF123F2C398C6FDEDC8509F3FAE928E3E652B36B2F52A9D1D5748C06CF58039B2E69DCFC9B391001611EC816A9CE74F3CA925A241DCD07C79E9872991C4B24BEE6BF930C5ADAE1EC668721A274BE786B37EC8470D80CABAC42188D8DA9E131E37BE8EF5F7E7C4088C5068BDFDE0D07773B4CB8B29F0E61C6425125B8393AE3B3C736C3D9DE1AC1E22A31C18C6AA1A8B01691E11E62D4CD58BF350D1BB7A6A2A2A20183FBF9E1C605FDD4FD282EA9D332F1CEB37C74AD9233CB94102A850C1CE56118D2D10DA0A1322374CAF0204C1C1E28F7A70385A50D3ADEE8D1A462047A39A24E941453E32F046C2D292D2B53D260AB88CF394686622DC5E658068959932526FE7B4749EFC62F07BBE5DF7BD79FF1F4937F4540803F8AC535A1EBCEE106BE5CF6B528E365C62DCF8FA28C4AD99759C4EDDAC7C4DEEDECB91D3D870B6998339E086DA02848AF30AE393F4CD9D468C3E1C96D3962B1D81D9BFCE540AC299D4439FC20EEC584CB07E877ED5299B79BB2B615A391B39930218A2422166E224C492A61EE7EAF210128C828456D65A3924CA618CF00914ABBD726E2D8DE6C5C7CE3102513C628CA8BAB71FF0BB3502424B5ED87C41FBBEE1A5A650C6569935ADCDDDD1E975E33043B36A760E2E4484C9DD95B9487A7D4C6459871CB5078048A1210E324380072F689526CF9E408EEBB6F9C1CC29038969C528C90401725167BB95E2A8BA30985F86A550296AF49C298C101B87FD17084FA3B69AC84528F6549CAAC90BF4D10E0E928FB59A94B43E2600CC3C1D61A2FDC3D0AE181AE3896528A2FD625238E5339C87AE66E84C8B102BDEDD575BA10A4A6A7A3B4A44449835DA5274E9E685C73660CECD74F5B6BF8C23112CFDE9EDDF8CF41BFE868BCFBD6BF70E7ED37EBF3A68BE1E4E488D7DF780B79F9EC397D6ED063483B92AFF6D82236D86F620FED437636F845B88B7DDBFF58D1A7C7757DE43753361FAA0F6F30553A0CCA09CCA560B771CE7770684312A245C63333D4A49D244183E6468CC08A93A1BBCABE721CFAF011D17E38B63F5B0393661626282BA84695D4E8034787E284D4C0DBBE4BC084397DE1E5EB8C88BE7E88ECE78B4DDFC5EBCC6B8651A0581E39243FE43CEC421F332E14B93995080876C34D778FC6D5370CC3ED42081C04C725D809E3456D340A01B25C6C6DE0540AABDF3B085771A3E6CC8E467E7E2D32B32A101AE26A28BB94952D3296B29D9D101573393E581A8BAF57272042B699383C5849C4C3C55AC8A34DF335C60FF597ED9AB58F4B656D232EBB28024FDF3142DC8F627C2E84C8D6160645D9A396E5E6F1796CED9A7F81E0C8E324015E8B95B5158EC6C6E29B15DFE1ABE5CB65F9E6A7E5EBE558F9FDF7481192E1B817DC9E2FC1B1F87F4FE7B26EFCB6983F6F9E0E88545D53AB158093A323967DF58D71EDD951535E8FC2CC4A7539F8EEB3C3DA9A77F6E3DB5777FD6C59F18F5DD8F6459C0805434F769A5BE6B1628D2D7605A694EE6CC6645E01FF913668549A192AFF5970BA199E81CEFA1D5B334C384AB06CA3C627309A3838E3975F30272A6A5077A1B3431893BBB67D770C03C6F68083938D065E37AF8843589437FEFCF4547DC9BFFBE4006CAD2DF5B86421CDCC947F3CBA9DB8043BB7A4E1A15B97E1D13BBFC1BD8B96E1BE9B97E1DE5B64B9F56B2CFBEC10AE7C688C468D7F6C491125C131128F6E4AC14D8B862127AF123672FCA3C70A10DDDB5BBBBCB3FC1A8A95FF9672B399365E55DB84EFB7A462F7E15C1416D761D4403FDC7EE5202109A6B39BE1D93B47A177A80B5EBD7F9CB82C4EF8DBC787B0666786AE77B4B352A2E03D6339388A57567E159284AC2E14F1274E68649D65A454FDECF3A5F8F0A34FF0F1A79FCBB2E4A7E5B3CFF1EEFB8BB166ED3A1DA487E7668A704ECED99B7A0DF7B56BE0F81094CC1C8794A35E75827EF34FE8FAF10C3D8BFFC030BED3178E9FEEC12F3D4227664C9B8A9E11E1A238E49D13A599939BA7CFE15C28CDAD464D5983D4E326B0167B8BDD9C8EC5FFB71E4B9EDAF2B3E5B327B6E08BA7B7EA40C10C3990688A33CBD54BE80A4CFB8882182FEE0787FFD2F13B694672E3A812B42399D47625F2E2536A734224E10CD9C4D8642ABFAB3010A3E7AD62EFD369570FD6002883A1541DDC486B4BA971F74B6D3D6C4298BEB4D515F5483E96877031E0379F5A8FFABA4698B269942FBD1C8BC76F2741C93FC6591A1B9BD022EE446B738B2A1E76086BD79EACED58F9751C6A65DBB9778D447589B12545F6E7B066FFBC7535AC85EC82839CB5DFCC8103391832C01FEDA21E38D298216E21D7A9D740F210E5214CCD818953B2CA7532A42FD724E05F0F4D4044B00BA2C33DB0F8E969784FCEF9D06BBB74B268E67970391924A5882017A4E5566A30F54271F8D0E11FC7BBD0B89180B930675B884E12E7D81709423AECFDFA230C8F563FB4AF5017F1F77FBE81F1932FC28CD997E0C65B6F377E2BC791676AA8643ACBD7B56372F01B92DAAF35ACDF0B1C6782D765FCEBA4DFCF0DDE03DE0B425EA71FC151DBA3070DC5C0A131183966220A8BBA1670E4A8E91CB087A4C18E881C55FD5C483B9CA7E3E0680F7516597EB0572B33B8CFB4A87D69A7B60E4D6FC84FAD40614AD75C5A534EA9D8536A53CE92C64E657A93E4803459551642240C0C166494212CDA57FB91E8CD64A1C4C6F57D919BC40998A3470623E14096DE3C164A098672C558B0A29C72588A02E0A44AECBA3E536A709E6FD7BA24383A1A460AE3B979D19DF79D464DF2E09804ACC5C98A3AC51C2F5C162A25E698ACFDEE38163C3C46FBA8D09D20AC44A1E4A596E1E0EA645C76697FA9B90DA33B151454C1DBC7116D1D0CC692FC486C72CD525E9687F79C44C5291939C749B9B8565FAEFD6956AAACBC2A1C4F2B83A7AB8DBA477AADA7A15594928F9B1D0A4AEBE1E57EE66900CE869CBC3C343637C9359A89E1B78203F0B05584CAC3D6EE0C8B7CCFF51CA087DB731C8ABCBC7C1DF4A5133A7E279FAB2C8CD2333FA72B607ABF7F4000BCBD3C11141068FC167075711165D962385E5D9D066EBB8292B252AD80FEA8B0B3B5F98904E5B1F25E7505159595FADE12EC02CF1EDB849B9B1B02FDFC34B9CBCBDB531B00BA829A9A6A2566123C9FA799E9B95DDC13FB7235B99121022EECDD7AB6854998EC326FEB64C81CA51D5557D6212FFDB47968CE02531BF1F9930FE5E222510864A956AD15A50611A3616D4EB140D97F58247BDFD1A172435928F9928662346E1A1E47F10A087347F2913C0D721AEF1FDF3A250F1EA7A1AE1935158D70F77680A7AF232E12435EFAF61EA989D9E1CB50FBE8D080DC4DFE19F238A42C727C133929D790C4F82DB7D36EEDB295958D39562C3B8A7629C3FCFB63502F464E704B5B7B2B2C7D7EBBFC06EDE9CA099D2BAB9B0C83F2880B61A89D0DE7309CCB703D1A9F91752437C635DC9D6DB1F5500E12D2CBB0725B1AAE9ADE4B5D1236959D0E9EAB455E0E1F4F079455D623A6DF9993B2CE866371C775AC07AA3C1AE5FDF7DE83575E7C0E2F3DFF0C5E7AEE0C8B7CFFEACB2FE0964537FDE80B9F3E423913C3CC85184944CC484C4AE95A16E0AE3D7BB5BF0BC7D3080BFB692C8FE0C040796686347F9E335194CDF9C0E9127440602A23C363FEC3C1C2C20A9E9E46E3960779E4E851E39A73233E21514D82DDDF3DDCDD748E152258C8822A966A9BC316242777EDBEEF3F74489526DF2F573717D8D99FBBE239B42E453B85D6D73463C49C9E7879C78D787ADDC2332ECF70F9E15A3CB7E13AB8F9396843839585250EAFEBDA708E1AD31832B9273E7F79132EBD638CD6B0CDF5AD70F5B64779A1B01D6B76B9199C6D7DFBB7719830BF9F14CC3031924E0B205293FD51DCBD9D34A6515956A76A8037DCC0D7F276F0006280249F435B5310DADB1757DC3E4AB7FDE1AB233ACC5F3BEFB8323C771283E501480CF2A9E792DF4822BACE786E1D514CD650113088FAE9E27DB8445C144F7145D83243D83A5822F9601E762D3D8E5973FBA81B51284AC3CBD35E4981C76302998EF921903368994972754DCD70177299240AAAB4BC16474F94E0AB0DC9F8E0DBE33AD6C68D17B3AB78C78F430276822D2775A2DA4843574EEB85C1515D9BA1BB13CCEA646DC7C5D1C911D17DFAC0C7DB1B01FEFE675D38D667AFC8087848CD462264EDCF7E2B9D888C0C878BA883565122EC3CF5F2DFFE6E5C73762CF972A98E5942894C793C6ECC58E31AC0D3CB4B0726E67C2224EF4F3EFB5CC7DB3C17962FFF56D50F0DE88F0A2AB211C386E9FD638C68CBB66D421C71C6B567C6E123B13878E8883677F399F5EDD3D730AF8F20383858542087D86B5512F8F093CFF4FB7361EBB6EDC8C9310CBCD4228A93CDB20C729F0B59E5C53A921DFB8BF51D1FAA9D39D94272B6C537CC4D47F38F1CEEAF95B99DA88E1DCBE28D473B37F4E9C5CCEE83E1D322717C6F16864CE9A9BD533DFC9CB52F8A8EAA25352F3B6BA51E2BD06EF29438ECD36130E676D9BE19BD0607203BA9C4207B69D86230AA066886ACB5655B1A24E550716E39C6CF89C6AA4F0FEAC44794AB6C62E5365AC3CB86DC9FBF185E2F2A1EFE4697C8401C9AF7A0E7D1CDE026AEC277CBE26029AA20E6E2DEDAFCCA6311ECCCB6EADDFDF076B1434C4C30F272AB35B8AA2D353C8CA194FCC5B08FFCA72209957B103328003FECC84474B82736EFCD86AB8395CE4EBF715F0E9232CB7199DC2F3B5B73ED1E4FF0A5610AFAD5337A6340A40716CE8ED2EFBB8A26794972F3F38CAE491B0244DA1A5A94CE0F66147A7B7B8942E460BB1D48CFCC32AEA13BE18A0913C669976C1A0695C3934F3F7B4A70B313725BB16ACD1A2CFB6A39DCDD5C512B12BD57644FF489328C4D4AB09BF784F163B4C2E0580F59D93978F99557751CD2D34137E69F6FBEA5031B53FEFFD13169FC58706A0682D7F7AF37DE4262D29953AD3945E3ABAFBDAEC4C967EF24CF60A2DC979371D51597EA044F2495E2A2623CF5CCF3670D6C1E3A74186FBCF39EDE5F1E8FCF72F6AC99C6B567C6A1F529B083B855627BECDF151875E6F4F133217C903F9A1B9B6126EF6C517DD73243F56D64C0E4FAC7A78B4F648EF0817E08EDE32335B4853695AA918A66679E013B9115E757232852E41B7D211AB9487C4E6F10DAC70B2744BE33804AA353A3979F6A8CD4FC84F049B3B822A3C5A0483A3BD7246AEE3B41C3D7FD68C4F283718AD2C21A21AE2A9415F1B31A25F2C9EF4AE5B3443F6BF5772EE525F528CAAFC23B6FEEC482BF8ED3B66A553902BA4BC9FBF270684D126EBB7524B2732B35DF42E76311E3523747889165E6B93938F1005107FD7B7963F9FA2444043AA3A8B45ED58521B80B384AB90F1C2FC49E6385B8E2A2489D74A95ECE49CE614D7AF3BCBEF076BFB069120906BDF272F3953438C176787898F62BE90A6CC42003FCFDF4771DA13C2DED94CE6BD72DBC5A0CDC4A0983C3E9D3F5B8FFA147F0F5B72B703C3E5E0D63EFFE0378FCA9A7F0C69BEFE8C3A06A69696952D7E774CC9E3153550E87C82361ED97DAF69E071EC4A79F7FAE83F3EE93637DB362251E78F8117CBB6215382CDF1F59657482031B0DECDF4FE3191C60989D0639C114A73B88157785F795E9DE1F7CF4311E7BF269255E2A810A515A13268CD75EC72763EEEC590811C541F562B8EF7BF0E0238F61FD864DEA4272F024BA776FBFF73E9E78F6397068463E738EC171F97C4E2179EE2107F7AF4A82BDB85574339C3DEC11D4BBEB534486F6F796774D14BBBCB876B042E2DEF377B0FC31BAC2D60E670F3B1CDF9D89DB5E9C85C29C4A94FE7D3B9C7D1CC0742B1AA08D9D15920E6461D0A4089C607F0A21010ED9B7F0FF26E1CBBF6F3510006B7F1ABE18A1928DC18AF41C4CD5EED9DF1F638434BE7E772F8AC54D7072B553A3A5356A70553E2BCBEA3145DC20E66F68CC408EA5E6AF0C64000FCB2011D54E87B8C83C678B7824765206067AC65CDE073BBE4A80935C135D2C96FFAB9777E3852DD763EEDC286CD8948298618158B5EE84A6BE931B9BDBDAB483D99431A1DA0D7FE58624396E07FACB43D8B23F476A7C294A1B0D89E733D1795FD3B22B7440E22BA6F7C2AA2DA93A695249533D9E7E771F5EB96FAC3C90930ADD05B069939319A9DF2FF017A5D155D0B50C0D09C6D6ED3BF4A54B4FCB503F9A815282B4F8CA0BCFE3C147FFAA64C2F12FCB4ACBF0DEFB1FEAF36259194761F77BC31C22ADA8961AF1BA85D760C8A0817A8C93C111B6FFF6D2F39877D9023508D68E35D5D558F2F952AD25F97C34A02C04E6E6EAA25DF6CDF89D5C1B9FD71F1574B9FFFAC843B8EA9AEB9408D8E4CD7773E9B2AFF0E5D265EAAE711C535E1B49850BA7B21C36648890EBCF4750E7F11E79E87E3CF0D05F75A63706ADE982BEFCEA6B4AA40C74733065B531516D266295548423860DC5CD37FDC97894B32337A9545C130B6DB0F00CB1D5F86257D163901FAC39F1BA54FED61652117E9F845EC3CFDC9BBA13A71CFD4F8F4F4573430B5EFFCB4A78FA3A63E845BDE013E40A8EE8C52EF17CA94A447D70EED4E09E5EDA8E1C18E6AE69E295A575F2B21903A07293A828749C42F993B33355091188A7838B6FE4E8CE2658FAC64E4D19570B145E2068884C170FEAE18E9BEE1B8F11E3C231606810068E08C26059060DE7673006CA2753CA675ED2176326C93603033072540F8C1DD703FDFAF9A9AB70FB5B73B4F5847116C256DC8A235B5370786D326EBE79848E72CE4994B4CBBD180C035896F2325C3CAD9794B705AB44F2F1A58F08729732B523471416F98B1DE9D83242854270C0E2CAAA267CFC5D3CC60D0D44BF084F6DBD49CFA9405ED1858FCE94949CA44A802F2967E3EA9CE3A4AB080A0C82995C07F7E7485E1C9CF664F4E9D31BAFFFE35584F508155553A1D7C8DACFD1D15E89C2C9C949FD71CE2BCA87F7D003F76BAFCCB381FD24967EFE29060E1820954283BE139DC7E1EC641CF897E0E0C4ECC2EFE9E1AE711212C8E92D092C73E7A227EF0AE4F1F1BD3979E90A0CDB1A9A1ECF94ADCB9C9CCF3EF950E31B3A676D63A31A3B1515631D8E0E8E62F076DAE18CD73C67F64CEDC17A36848785E395979E5352E7B8AF8493B383D894A912B5AD9D0D1CE4BE3536362801733472CE4B73BE314F8B332B509455295E82A9A64D746552E793C1F003E743610308BB7F7465CCD09F4DCB386862381C9C6DF08F3BBF86BDB32D82C5151934210279A925282FAE5557860F2A6C801FE2F76469A6684176B9CE2A4D52A1BB4217A2471F6FF41B1D8AFD9B9231784218068D0B130272C1BC453158F6F62E1CDB9BA9FDFE69B0ACE6492F7C88ECE13AF38A81E83B2C08775CF2117E5811872DDF27602397EF8ECB673C36AC3A8ECD3F9C407A4A99B82CB53828C77AEDF94D58BFE604D6CAFA43077230636EB4DED0E403F986D4747939A84AD20E17E0F2FB462129B51469E9A5F2825B2135BD0C2EE25E5C3CB3378E9D28466C62B1BC14E27F0A11DE75C3507CB93A0135F52DB85AD65F33BBB7908B09F61D37B44C903BF89ED637B6E28410D188BEDEE2AAD8E9C03DECE41626AECD8560DD0F1B919C9CA24AC1D9C901D75C75E505497A1AC096AD3BB409942ACD4B8C748048ED934163E6140116E616C8CDCB4392B825242AB68270F46B1B2B6B796927E1969B6ED0C980CE07D6B49CFC2730D05F95526A4AAA48EE2254881F5F2D06E2EDEDA3D348DEBAE8464D3ACBCACE52A3F4F5F5C6A489138C4701FEF1FA9BE2F636699F9B98E1237406F5F38123757FFEE5328DA5D0B59B3C792202859CCE07B66230598E6AAA54D4D69FAE5DA83187934125312A66A4AABD4271218E27C4A3DA38323B9545AD10EB6859BF48D4C0FC8BE71AF73A3BD84C1D337284E6D1C4279CD0B14FD8558144C1C1798AA51C51BD7A61D10D7FC282CBE7FF184C3D17328F1763C34747947C2A6A6B70E3F353E1117061EF5C567C1112F7E4AA1B4F5BE488FFD6C6B001F9FBF469194D84D5CF48E9B1DBD2F0F7BB966BFF11F6629D76ED10ED0D7760638ACE123FE1D2FED8B3F604068D0FC3AEB589689603D2FE59F871F3A371D363D35057D3888DCB8E222DBE0015A5F578E0F58BB5167FE8AA4F74EA0253710118EE603095E383729E14B61DBFB5F2267CF9F61E2C7D6F9761A01D3930678FD7CA87AA5DC8852D142DB2C8AF888CF2C5485119BB7666205B082025A5046F2CBE12FE2EB67868CA6234D5B66A6A2D512DE57870C9A570EAE781D7FFB90BFF77FF387CF5ED71F8FAD863F5C65454D43408C958EAA85FE346896F6AD681551BD3A4E6B4C6BA0F2F37C478044FBCB90719F99CEF94B107B906294B93288C1AD96FECA00084073AC1CED60A13879EFF053E19372CBA0545620094F7C3870FC5630F3D685CD375DC7EE73D2A7FD93B3632A227FEF1B7178D6BCE8C86FA46A4A4A7A901F9FAF8C0DB537C62C365FE22B0E6A4EA68E96885A39D83925EA702E8541252BF6B4571322132E8C7BFB9DEE0C29CBF10DC873912DC962D602ECE2E6A94E7836116F932254E96F7E4796ACF06AA8DDCFC7C550A6CAD62D099FBFF52F058B1B171AA5438E136E780E5B4141782556FECC5470F6F04C7E26516F6E2CCFBE0EED7B569173A11B72D1D778D7B073E5E2E6A6B8F7D770522871B72729896704BD46B2A0A9841FAC0A7F34F754F4E46FFB13DF0F69EBBB1E899E9DA99EDBD27D662DB37C7102E0A234A5440A330CF9839D1422AF57072B5C1D46B8660D153D3F0ECD26B953008469EE3F766A9B1370A8130857C87D4DA745538A319BF37280C060B20C4528B990B06A97FC5161AAA1AB22D0740E55817ECD7C10995D89AC098839DF87136E2129D905AFF9DD7B68BEF698911A26EA832D67E2F4410E18E81E2BE90213BC1710656BF770091216EF8DBCBD31112EC8207EE198D5DFBB2919EC597C84C034A541A21FE8E58BF3503D1911E1831D00FA5E2A6119C28DADCC204413E8EF0F37480AF879D2C0E08F37746FF9E9EC82BAE4190AF1396AE4D425965D7679267F43B39254D836A7C910644471BD75C18428383757F4EE0CC0C440654CF051B5B6BF4955A9DC13F2671FD1AC22068F0F6E296B8383AFFCCF855F19144847C4F5750868184E4F9CA33EF0A6110DC8706C719D3BC3C3CBB441804EF8DAF2820EED715C220E89670C0A3C103076A00F8D71006E1EFEB8B99D3A762DEC5737494F90B250C2223AE5087C264BF91F021BEDA747AA17074B38713BB2C48E5D7D2D4725E17E59CBA973D5D99F4F5D4B2EBF1D28A1B31EBC661FAA07B0F0DC645570DC2FCDB6370F1AD3178EEABEB71ED4313B50B7D70AF9F1E80A38B9DF84966F861E9617171C2A550EDD8FC350796F9A9E661B32C0BC1D803DD8839A268BEFE600F7233C475B0B712792BFE3D7D8076D624861A9D39186CC9A9AD6D1235D3A4DFB393D8813D9938202495256EC7A25B47E9F1E7FFDF281D4A908C4930269172300F8736A4C0CEE6A71B3C636A4FCC99162935A3A5D4D0ED080970D159E22F9F1585406F27A46654E0FE97B6E0B3550978EBCB58AC1676DE7E384F3BA9ED389287DD4773B12B2E1FFB8F152036A90471C9A5F2029B8ADBD2B50C4022252D55DC0AC358911C6BB577EFDEFAFB85222666B8DC9B7A35BEA2C2229414772DD3AF1BFF59A8AF6E425E5299E645913442FB79E37CB3C09F092E5E7608EAE5A1EF1C6D2B33FEDC93629D93343AE1EC6E873E234230FBA691B8ED85999875C3308408397034E390DE3EB0170571368C9D172D4AC416972C1A81551F1F405672B148294B250B064059E3B4494DC85C8F85F71A92872A8A6A1110EA2A6ECA0D98BB70B02A0506CD982549C5C13960FB0E0EC00431F28BE6F4C1745966CDED8B05B2ED1C21AE71137B225B4887F00B77C7E8CB7A8B7433D4F89C82817D58963D6798BFB3BAB6116BD625E1D57FEE444E5E35268FEFA1C1D01993C2E0266A67BD90C3CE83D9AA2EB265FDD6FDD93A0607550E7BB072FE562E36425A9CA18D04E6CF56A89452F878DAC2435CA4AE62CBB6ADDAA24137C1D3D3FD825A4E4EC6B061C3447E372AC153B227249E3F5BB31BFF7928C9AD448E9006BB68507987F6BFB0CCE34EB0853128DA5BFB74B11B46C69142B1B9B3770BE81269FC1A440D0EC45D2FCFD63E221F3EB74147F832382572724E712656C65EB67E212E9879C560BCFDEC7A24C6E662F69583E1244AE5BABBC6E2D29B8663F61503B140486BFAFCFE8888F2D666BCA2FC6A51156548901A7EFB96547CF3E511BCFFE60E7C2A4AE5D9277EC0F2A547B41975C123E361290A824C4AD0F5D9BF2B055922ED92D2CA5052560B1B295F5656053E5A7204ABD69F406D5D0BD66E4943430365BE19D88A65239F1C48884153114BAA9C7E822172CF5884AFA73D0AC4D5AAAC6ED6D695AE62F79E7D7A5F2AABAA743E13ED2FF20B400DC77E22F4BD793C1EB71BFF7D284CAB40B6284956AA8CED0544BA19D75C3882A23C34219236727C5B262A0A8CC96752B973C8090ED5590F4E37D9F6F3D693DF1A4C180B0CF7C0AAC5FB10BB3313B6F686082DC9828954FCC75EA093850CFA8F0846FCFE1CF885BA232CCA47833BE525B5F8E2AD5DD8BF231DC70E6423510822536AF182BC4A9496D4E9D48DB5E2A270B83F364F31026C6B6FA9C65227EE4B4E76A52A92C2D47224EDCF85B5A8232D57BB39D28F16E0DA07C7A1548EC1418539DD818383B5BA27CC300D0A70425246A5AA9B0E792A2C76A3105C9F080FA4E6541A5C7FFAE77A44DEDF0E6D8E1D35C05FE74519D1D71723BBC8FE6D6DAD484E4D838F97B712C6C8E1C3D1BB57A471ED85A34194065B0342434234159D6DFEDDF8EF425662319A4A9B7552E7F0813E187559F42F724F08CEED5A5DDA28C4E3AE794E232FE90D07171B55AAD90986A131BCBC5D307466CFB3B79EFC96600EC7D3377C89A2DC0A5508AA6F8430A83728E739C8CE927DF760DBEA04BCF9F85A38893B34EB1A511AE2D65455D463D907FBB4B9D4D482E6C95610A9E1A5AA67C169E034544B210BED15C86F59E38B298F9ED0035B36A6E0ED8FAE40656A251E9EF6B1F67F610B0F150107567D76ED4258063961F386147CF1F55138898A68956344F5F602F3483834E0816385B0B7B7469B1CB55DC863E2C820EC3C92A70462222E49A75C63E7B6405F7B784AB9B71DCAC3E72F4C47B04FD726FCE56360993A633DA707092F143C5EE7A3E527038CDDF8EFC28F3D95B5F2950F63CBDE2F058F6750CBF2BEC87BDD093D0FDF4B798FD838F1EBDECC2E62C3B223C8482CD20B6312155501A3B42DCDED282FAAC1C5370CD3C140367E15ABBE59CCE49E58BFFC285EBC6F05F66E4EC5A8493DC5CFE70D22D1C885D1A0C41E1807F1F275C4CC79FDF5780C9872E6341A092F8C199BCC5578E78DDDE8393200E31744A34AD409E516C7FE681417E4A3BF6E42A89F13A2FA78C2C3C3FEC7D1C639F6C6A61D19888AF094DADF5EDBD3CDE4A88C379495D523C0DB41632C1A9B11F0A3555899FD55E2D3CA71FDECA82E1306C18745C32659FC5AC22078BCCE637513C67F27D480B90859FC5AC220782C1EE764C2203ACFC14FFD5B7FFE8EA8A96CC09EB509DA2C6BEB680D3B59989D692B6E000730F60974C1823B4661EBCAE3B0B435C7DC1B86EBD080A585B5F0F67541765A29EC1DADE0EA61A7FE166F0D0DB4AABC1E4E2EB678F0B999B86AD17078783A68162A099142C44248884DB7BC4066BBB1DFC8C5F7C6207CB02F027A792030CA1311F23BB35D930FE461C4902084063133AECD7002F9EF2EF26CC50F27306A70A02A9D36F9C76629E663B0795789DEB0A91295159B6B65F71E4242375CFCCB9A4BBBD18D3F3A7E77F784929B4921741FD4BA3A21C6CD7C0B0ECBC7AEB90B635E5337E5E9C557E2E8DE4C6C59755C13B8B80BE310532F1D80CFDFDA21BF5B81B3BF47447BE3FE6767C237C030ACFFD60D27F0FCC3E2DAE808CCA67076B3D51696B5ABE2316E5284C6396EBF734CA785EB3E945D9462ECF64F6CDF9581C79ED90807676B0C88F6436A56B9E6668C1E1E846A295BACA8252689798BF288E8E18EF5BB3285F82C741EDB7A59EFED618BD9637BE09249E1BF685CD06E74E33F01BF7B20943299C119B69E309ED0B950E6337FE3C4913C6C13C33EBA3B13B73C3E056F3FB55E8D7AFCAC28241CCE57E5C04E710D421481E19EA8AE6EC00DF78EC3ED8F4CD164B14E048B11B3D973F7D634915880978F231C9DAC909F5785BEFDFCF0DD8A63484F2FC3F163F9D8BD371B3BC4E05DDD6DB176433212840CBE5F93A0EE0C07182E29AD87AFAF834E1ACDF94C720B6B103324007945B53A7646496523268F0CC6A1F822ED6CC48C42073B2BDC77ED604C1F15AA64D88D6EFCB7E277278DB38135B6A3932DAA2B840C22DC5122C6DD50D7826431EAC2EC0A9D2680533CC6EEC9D06DD971EEF2452330EB8A811830FCCC3347F51672A03F76787F964EB844C5502C6E4E5884078EC515A020B74A08A204A9C9C538129BAF81CED8238699F2BF5F73029C152D44CE939E5E0E5F219DDAFA66B0031D83ADB50DAD1831D81FC7924A8448DA1133D01F87138AC0FE369CCB756A4C302E9D72619D85BAD18DFF44FC5B5A4FBA024E0F59905589F88359A8969A9CB3D68F9C14090F76CDB7B280A30BBB10772DA0979D518655DFC4A9CAA0C2E1644699A2323A5B6E74DC53B96C27671B8C1063DF2BCA63842887152BE371E55503F0E55771888EF64171591D0AC5B5E25CB0354228532786EBDF7B8FE663DCC8203470DE9494523409A9DCB37030E6895BD28D6EFCB7E30F431ABF0798F895975B89679F58077B7191D84D8AF1070D6C88BAE04CF0D3A6478AEA2880BBB82A2666667070B0425E418DBA50B50DCDC82FAED5EEC36DE22771E0A0CBE74663A5B834754D2DB8E692BE78E38B23B011B7E6A367A722F0025A4BBAD18DFF54FC573BDF41A16EDA52C33142080EA843BED01616015B44E2138A316448000E1ECE852B9359841882039D35B5DD446E0F9B54C9AB1C5E902D27FB8FE422667080E668B03F0B6769EB27EE55376174E37F05FFF511BBFE03FCD1B3B70FAAAA0C23940B0B0871086BC887B9A50952928AB5F9D4CFD719078438CCCCCDD0BB1747A366A28B6104746D02975F2C2C4C90262E948D85B99084233272AA7454F3FBAF3BFF9813DDE8C67F0BFE27C2FCCFFE6D16BC4509D45437EB781E1C48954DC166F28FB922DFAD3A8EB9B3A390935581FCC22A9DCB64D8C0001D7884DD63D4ADE9304C914802D9B8271DE3449D5454D5E38DC726C3CFFBC2C62FE84637FE93F15F1DD338194585D5D8BB2B13E9E9A548882FD2690C6AEB5B60EF60ADAEC6C409E1422C0E183A2C10FEBE4E282CAEC57D0FAF41AD900CBBECB3058789951DF283718E6103FDF1C89F4769E7B46E74E37F09FF33A4D1095E6E4D75132ACAEB70F46801F6EFCF425A6639FCFC9DF1E273D3D53D216A6A9B448124205BC885638032C9ABACAA11CD6D1D183AC00F57CF8B4678B0AB6EDB8D6EFCEF00F87F9ED91B4B4AFAE0D90000000049454E44AE426082 WHERE `app_id`='11' and `app_name` = 'LF Acumos Marketplace';
diff --git a/kubernetes/portal/components/portal-mariadb/templates/NOTES.txt b/kubernetes/portal/components/portal-mariadb/templates/NOTES.txt
deleted file mode 100644
index ee7a285cc0..0000000000
--- a/kubernetes/portal/components/portal-mariadb/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/portal/components/portal-mariadb/templates/configmap.yaml b/kubernetes/portal/components/portal-mariadb/templates/configmap.yaml
deleted file mode 100644
index eaa0cfb259..0000000000
--- a/kubernetes/portal/components/portal-mariadb/templates/configmap.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-mariadb
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/*").AsConfig . | indent 2 }}
-
diff --git a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
deleted file mode 100644
index 469a0b5329..0000000000
--- a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
+++ /dev/null
@@ -1,121 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - name: volume-permissions
- image: {{ include "repositoryGenerator.image.busybox" . }}
- command: ['sh', '-c', 'chmod -R 777 /var/lib/mysql']
- volumeMounts:
- - mountPath: /var/lib/mysql
- name: mariadb-data
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_HOST
- value: "{{ include "common.servicename" . }}"
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- - name: MYSQL_USER
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: backend-db-user
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: backend-db-password
- - name: PORTAL_DB_TABLES
- value: {{ .Values.config.backend_portal_tables }}
- volumeMounts:
- - mountPath: /var/lib/mysql
- name: mariadb-data
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /usr/local/bin/docker-entrypoint.sh
- subPath: docker-entrypoint.sh
- name: docker-entry
- resources: {{ include "common.resources" . | nindent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- {{- if .Values.persistence.enabled }}
- - name: mariadb-data
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: docker-entry
- configMap:
- name: {{ include "common.fullname" . }}-mariadb
- defaultMode: 0755
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/portal/components/portal-mariadb/templates/job.yaml b/kubernetes/portal/components/portal-mariadb/templates/job.yaml
deleted file mode 100644
index 5a66bb96bd..0000000000
--- a/kubernetes/portal/components/portal-mariadb/templates/job.yaml
+++ /dev/null
@@ -1,95 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ include "common.fullname" . }}-config
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-job
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}-job
- release: {{ include "common.release" . }}
- spec:
- restartPolicy: Never
- initContainers:
- - name: {{ include "common.name" . }}-init-readiness
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /app/ready.py
- args:
- - --container-name
- - {{ include "common.name" . }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- containers:
- - name: {{ include "common.name" . }}-job
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.mariadbInitImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: DB_HOST
- value: "{{ include "common.servicename" . }}"
- - name: DB_USER
- value: {{ .Values.config.mariadbUser }}
- - name: DB_PASS
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}, key: db-root-password}
- - name: SQL_SRC_DIR
- value: {{ .Values.config.sqlSourceDirectory }}
- - name: {{ include "common.name" . }}-oom-update-job
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.mariadbInitImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: DB_HOST
- value: "{{ include "common.servicename" . }}"
- - name: DB_USER
- value: {{ .Values.config.mariadbUser }}
- - name: DB_PORT
- value: "{{ .Values.service.internalPort }}"
- - name: DB_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.fullname" . }}
- key: db-root-password
- command:
- - /bin/sh
- - -x
- - -c
- - "mysql -vv --user=$DB_USER --password=$DB_PASS --host=$DB_HOST --port=$DB_PORT < /tmp/oom_updates.sql"
- volumeMounts:
- - name: portal-mariadb-sql
- mountPath: /tmp/oom_updates.sql
- subPath: oom_updates.sql
- volumes:
- - name: portal-mariadb-sql
- configMap:
- name: {{ include "common.fullname" . }}-mariadb
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- restartPolicy: Never
diff --git a/kubernetes/portal/components/portal-mariadb/templates/pv.yaml b/kubernetes/portal/components/portal-mariadb/templates/pv.yaml
deleted file mode 100644
index e10b003570..0000000000
--- a/kubernetes/portal/components/portal-mariadb/templates/pv.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/portal/components/portal-mariadb/templates/pvc.yaml b/kubernetes/portal/components/portal-mariadb/templates/pvc.yaml
deleted file mode 100644
index 1cadcc51d5..0000000000
--- a/kubernetes/portal/components/portal-mariadb/templates/pvc.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- end -}}
diff --git a/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml b/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml
deleted file mode 100644
index c0800e0275..0000000000
--- a/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
- db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
-stringData:
- backend-db-user: {{ .Values.config.backendDbUser }}
- backend-db-password: {{ .Values.config.backendDbPassword }}
diff --git a/kubernetes/portal/components/portal-mariadb/templates/service.yaml b/kubernetes/portal/components/portal-mariadb/templates/service.yaml
deleted file mode 100644
index 7b9ef91900..0000000000
--- a/kubernetes/portal/components/portal-mariadb/templates/service.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.externalPort }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- {{- end}}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/portal/components/portal-mariadb/values.yaml b/kubernetes/portal/components/portal-mariadb/values.yaml
deleted file mode 100644
index a7fdb54d78..0000000000
--- a/kubernetes/portal/components/portal-mariadb/values.yaml
+++ /dev/null
@@ -1,153 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for mariadb.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-global: # global defaults
- nodePortPrefix: 302
- persistence: {}
-
-# application image
-image: onap/portal-db:3.4.1
-pullPolicy: Always
-mariadbInitImage: oomk8s/mariadb-client-init:3.0.0
-
-# application configuration
-config:
- mariadbUser: root
- mariadbRootPassword: Aa123456
- backendDbUser: portal
- backendDbPassword: portal
- #backend_portal_tables is a comma delimited string listing back-end tables
- #that backendDbUser needs access to, such as to portal and ecomp_sdk tables
- backend_portal_tables: portal,ecomp_sdk
- #The directory where sql files are found in the projects gerrit repo.
- sqlSourceDirectory: portal/deliveries
- # sdc frontend assignment for port 9443
- sdcFePort: "30207"
- # application's front end hostname. Must be resolvable on the client side environment
- sdcFeHostName: "sdc.api.fe.simpledemo.onap.org"
- # policy pap ui assignment for port 8443
- papPort: "30219"
- # application's front end hostname. Must be resolvable on the client side environment
- papHostName: "policy.api.simpledemo.onap.org"
- # vid ui assignment for port 8443
- vidPort: "30200"
- # application's front end hostname. Must be resolvable on the client side environment
- vidHostName: "vid.api.simpledemo.onap.org"
- # aai sparky ui assignment for port 8080
- aaiSparkyPort: "30220"
- # application's front end hostname. Must be resolvable on the client side environment
- aaiSparkyHostName: "aai.ui.simpledemo.onap.org"
- # cli ui assignment for port 8080
- cliPort: "30260"
- # application's front end hostname. Must be resolvable on the client side environment
- cliHostName: "cli.api.simpledemo.onap.org"
- # portal sdk (demo app) ui assignment for port 8990
- portalSdkPort: "30212"
- # application's front end hostname. Must be resolvable on the client side environment
- portalSdkHostName: "portal-sdk.simpledemo.onap.org"
- # dmaap bus controller ui assignment for port ?
- dmaapBcPort: "" # TODO: populate with
- # application's front end hostname. Must be resolvable on the client side environment
- dmaapBcHostName: "dmaap-bc.simpledemo.onap.org"
- # msb IAG ui assignment for port 80
- msbPort: "30283"
- # application's front end hostname. Must be resolvable on the client side environment
- msbHostName: "msb.api.simpledemo.onap.org"
- # SO Monitoring assignment for port 30224
- soMonitoringPort: "30224"
- # application's front end hostname. Must be resolvable on the client side environment
- soMonitoringHostName: "so-monitoring"
-
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 450
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 450
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: portal/mariadb/data
-
-service:
- type: ClusterIP
- name: portal-db
- portName: portal-db
- externalPort: 3306
- internalPort: 3306
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 460m
- memory: 175Mi
- requests:
- cpu: 10m
- memory: 100Mi
- large:
- limits:
- cpu: 2
- memory: 2Gi
- requests:
- cpu: 800m
- memory: 1Gi
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: portal-db
- roles:
- - read
diff --git a/kubernetes/portal/components/portal-sdk/.helmignore b/kubernetes/portal/components/portal-sdk/.helmignore
deleted file mode 100644
index daebc7da77..0000000000
--- a/kubernetes/portal/components/portal-sdk/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/portal/components/portal-sdk/Chart.yaml b/kubernetes/portal/components/portal-sdk/Chart.yaml
deleted file mode 100644
index 7f3ff1d8b5..0000000000
--- a/kubernetes/portal/components/portal-sdk/Chart.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Portal software development kit
-name: portal-sdk
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties
deleted file mode 100644
index 895de10a4f..0000000000
--- a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties
+++ /dev/null
@@ -1,51 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-# login settings
-login_method_backdoor = backdoor
-login_method_attribute_name = login_method
-
-# These properties will be removed after SingleSignOnController is cleaned
-authentication_mechanism = BOTH
-login_method_csp = csp
-login_method_web_junction = web_junction
-
-#login message
-login.error.hrid.empty = Login failed, please contact system administrator.
-login.error.hrid.not-found = User not found, please contact system administrator.
-login.error.user.inactive = Account is disabled, please contact system administrator.
-
-# User Session settings
-user_attribute_name = user
-roles_attribute_name = roles
-role_function_list = role_function_list
-role_functions_attribute_name = role_functions
-
-# Import-user LDAP settings
-post_initial_context_factory = com.sun.jndi.ldap.LdapCtxFactory
-post_provider_url = ldap://ldap.mycompany.com:389
-post_security_principal = ou=people,o=mycompany,c=us
-post_max_result_size = 499
-
-# menu settings
-menu_query_name = menuData
-application_menu_set_name = APP
-application_menu_attribute_name = applicationMenuData
-business_direct_menu_set_name = BD
-business_direct_menu_attribute_name = businessDirectMenuData
-
-# Role settings
-sys_admin_role_id = 1
diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/key.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/key.properties
deleted file mode 100644
index a5160457ec..0000000000
--- a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/key.properties
+++ /dev/null
@@ -1,42 +0,0 @@
-{{/*
-###
-# ============LICENSE_START==========================================
-# ONAP Portal SDK
-# ===================================================================
-# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-# ===================================================================
-#
-# Unless otherwise specified, all software contained herein is licensed
-# under the Apache License, Version 2.0 (the “License”);
-# you may not use this software except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
-# you may not use this documentation except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://creativecommons.org/licenses/by/4.0/
-#
-# Unless required by applicable law or agreed to in writing, documentation
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# ============LICENSE_END============================================
-#
-#
-###
-*/}}
-
-# Properties read by the ECOMP Framework library (epsdk-fw)
-cipher.enc.key = ${CIPHER_ENC_KEY}
diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml
deleted file mode 100644
index 2c2cd00f1c..0000000000
--- a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml
+++ /dev/null
@@ -1,225 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ============LICENSE_START==========================================
- ONAP Portal SDK
- ===================================================================
- Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- Modifications Copyright © 2018 Amdocs, Bell Canada
-
- ===================================================================
-
- Unless otherwise specified, all software contained herein is licensed
- under the Apache License, Version 2.0 (the “License”);
- you may not use this software except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
- Unless otherwise specified, all documentation contained herein is licensed
- under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
- you may not use this documentation except in compliance with the License.
- You may obtain a copy of the License at
-
- https://creativecommons.org/licenses/by/4.0/
-
- Unless required by applicable law or agreed to in writing, documentation
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
- ============LICENSE_END============================================
-
- -->
-<configuration scan="true" scanPeriod="3 seconds" debug="true">
- <!--<jmxConfigurator /> -->
- <!-- specify the component name -->
- <property name="componentName" value="onapsdk"></property>
- <!-- specify the application name -->
- <property name="application_name" value="PortalSDK"></property>
- <!-- specify the base path of the log directory -->
- <property name="logDirPrefix" value="/var/log/onap"></property>
- <!-- The directories where logs are written -->
- <property name="logDirectory" value="${logDirPrefix}/${componentName}" />
- <!-- Can easily relocate debug logs by modifying this path. -->
- <property name="debugLogDirectory" value="${logDirPrefix}/${componentName}" />
- <!-- log file names -->
- <property name="generalLogName" value="application" />
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <!--
- These loggers are not used in code (yet).
- <property name="securityLogName" value="security" /><property name="policyLogName" value="policy" /><property name="performanceLogName" value="performance" /><property name="serverLogName" value="server" />
- -->
- <!-- 1610 Logging Fields Format Revisions -->
- <property name="auditLoggerPattern" value="%X{AuditLogBeginTimestamp}|%X{AuditLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
- <property name="metricsLoggerPattern" value="%X{MetricsLogBeginTimestamp}|%X{MetricsLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVisualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
- <property name="errorLoggerPattern" value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{ErrorCategory}|%X{ErrorCode}|%X{ErrorDescription}| %msg%n" />
- <property name="defaultLoggerPattern" value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ClassName}| %msg%n" />
- <!-- use %class so library logging calls yield their class name -->
- <property name="applicationLoggerPattern" value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%class{36}| %msg%n" />
- <!-- Example evaluator filter applied against console appender -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>${defaultLoggerPattern}</pattern>
- </encoder>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
- <!-- The EELFAppender is used to record events to the general application
- log -->
- <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${generalLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
- <!-- keep 30 days' worth of history capped at 3GB total size -->
- <maxHistory>30</maxHistory>
- <totalSizeCap>3GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${applicationLoggerPattern}</pattern>
- </encoder>
- <filter class="org.onap.portalapp.util.CustomLoggingFilter" />
- </appender>
- <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <!-- Class name is part of caller data -->
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="EELF" />
- </appender>
- <!-- EELF Security Appender. This appender is used to record security events
- to the security log file. Security events are separate from other loggers
- in EELF so that security log records can be captured and managed in a secure
- way separate from the other logs. This appender is set to never discard any
- events. -->
- <!--
- <appender name="EELFSecurity" class="ch.qos.logback.core.rolling.RollingFileAppender"><file>${logDirectory}/${securityLogName}.log</file><rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"><fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip
- </fileNamePattern><minIndex>1</minIndex><maxIndex>9</maxIndex></rollingPolicy><triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"><maxFileSize>5MB</maxFileSize></triggeringPolicy><encoder><pattern>${defaultPattern}</pattern></encoder></appender><appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender"><queueSize>256</queueSize><discardingThreshold>0</discardingThreshold><appender-ref ref="EELFSecurity" /></appender>
- -->
- <!-- EELF Performance Appender. This appender is used to record performance
- records. -->
- <!--
- <appender name="EELFPerformance" class="ch.qos.logback.core.rolling.RollingFileAppender"><file>${logDirectory}/${performanceLogName}.log</file><rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"><fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip
- </fileNamePattern><minIndex>1</minIndex><maxIndex>9</maxIndex></rollingPolicy><triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"><maxFileSize>5MB</maxFileSize></triggeringPolicy><encoder><outputPatternAsHeader>true</outputPatternAsHeader><pattern>${defaultPattern}</pattern></encoder></appender><appender name="asyncEELFPerformance" class="ch.qos.logback.classic.AsyncAppender"><queueSize>256</queueSize><appender-ref ref="EELFPerformance" /></appender>
- -->
- <!-- EELF Server Appender. This appender is used to record Server related
- logging events. The Server logger and appender are specializations of the
- EELF application root logger and appender. This can be used to segregate Server
- events from other components, or it can be eliminated to record these events
- as part of the application root log. -->
- <!--
- <appender name="EELFServer" class="ch.qos.logback.core.rolling.RollingFileAppender"><file>${logDirectory}/${serverLogName}.log</file><rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"><fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip
- </fileNamePattern><minIndex>1</minIndex><maxIndex>9</maxIndex></rollingPolicy><triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"><maxFileSize>5MB</maxFileSize></triggeringPolicy><encoder><pattern>${defaultPattern}</pattern></encoder></appender><appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender"><queueSize>256</queueSize><appender-ref ref="EELFServer" /></appender>
- -->
- <!-- EELF Policy Appender. This appender is used to record Policy engine
- related logging events. The Policy logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <!--
- <appender name="EELFPolicy" class="ch.qos.logback.core.rolling.RollingFileAppender"><file>${logDirectory}/${policyLogName}.log</file><rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"><fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip
- </fileNamePattern><minIndex>1</minIndex><maxIndex>9</maxIndex></rollingPolicy><triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"><maxFileSize>5MB</maxFileSize></triggeringPolicy><encoder><pattern>${defaultPattern}</pattern></encoder></appender><appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender"><queueSize>256</queueSize><appender-ref ref="EELFPolicy" /></appender>
- -->
- <!-- EELF Audit Appender. This appender is used to record audit engine
- related logging events. The audit logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${auditLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
- <!-- keep 30 days' worth of history capped at 3GB total size -->
- <maxHistory>30</maxHistory>
- <totalSizeCap>3GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${auditLoggerPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFAudit" />
- </appender>
- <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${metricsLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
- <!-- keep 30 days' worth of history capped at 3GB total size -->
- <maxHistory>30</maxHistory>
- <totalSizeCap>3GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${metricsLoggerPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFMetrics"/>
- </appender>
- <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${errorLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
- <!-- keep 30 days' worth of history capped at 3GB total size -->
- <maxHistory>30</maxHistory>
- <totalSizeCap>3GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${errorLoggerPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFError"/>
- </appender>
- <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${debugLogDirectory}/${debugLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
- <!-- keep 30 days' worth of history capped at 3GB total size -->
- <maxHistory>30</maxHistory>
- <totalSizeCap>3GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${defaultLoggerPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFDebug" />
- </appender>
- <logger name="org.onap.eelf" level="info" additivity="false">
- <appender-ref ref="asyncEELF" />
- </logger>
- <logger name="EELFAudit" level="info" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger name="org.onap.eelf.debug" level="debug" additivity="false">
- <appender-ref ref="asyncEELFDebug" />
- </logger>
- <logger name="EELFError" level="info" additivity="false">
- <appender-ref ref="asyncEELFError" />
- </logger>
- <logger name="EELFMetrics" level="info" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <root level="DEBUG">
- <appender-ref ref="asyncEELF" />
- <appender-ref ref="STDOUT" />
- </root>
-</configuration>
diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties
deleted file mode 100644
index 3e215647e5..0000000000
--- a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties
+++ /dev/null
@@ -1,36 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-
-music.version = v2
-music.keyspace = keyspaces
-music.session.keyspace = portalsdk
-music.tables = tables
-music.session.attr.tables = spring_session_attributes
-music.session.meta.tables = spring_session
-music.consistency.info = type
-music.consistency.info.value = eventual
-music.cache = false
-music.session.max.inactive.interval.seconds = 1800
-music.serialize.compress = true
-
-#By default it's eventual
-music.atomic.get = false
-music.atomic.put = false
-
-cassandra.host={{.Values.cassandra.service.name}}
-cassandra.user=${CASSA_USER}
-cassandra.password=${CASSA_PASSWORD}
diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties
deleted file mode 100755
index 4d26240be4..0000000000
--- a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties
+++ /dev/null
@@ -1,62 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-
-# Properties read by ECOMP Framework library, ecompFW.jar
-
-##########################################################################
-# The following properties should NOT be changed by partner applications.
-##########################################################################
-
-portal.api.prefix = /api
-max.idle.time = 5
-user.attribute.name = user_attribute
-
-#Use REST API instead of UEB to fetch the functional menu data
-use_rest_for_functional_menu=true
-
-##########################################################################
-# The following properties MUST be changed by partner applications.
-##########################################################################
-
-# Name of java class that implements the OnBoardingApiService interface.
-# epsdk 1.3 uses org.onap prefix
-portal.api.impl.class = org.onap.portalapp.service.OnBoardingApiServiceImpl
-
-# CSP Global Log On for single sign on
-ecomp_redirect_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/login.htm
-
-# URL of the ECOMP Portal REST API
-
-ecomp_rest_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/auxapi
-
-# Applications do not need to run a UEB listener in 1610.
-ueb_listeners_enable = false
-
-# UEB Configuration
-ueb_url_list = message-router
-# ECOMP Portal listens on this UEB topic
-ecomp_portal_inbox_name = ECOMP-PORTAL-INBOX
-# Replace these 3 default values with the ones for your specific App,
-# as shown on the on-boarding page on the ECOMP Portal web application.
-ueb_app_key = jQd4a9zVNi4ePyBp
-ueb_app_secret = P0HpqEBhKJvxjRYdw2sCTUll
-ueb_app_mailbox_name = ECOMP-PORTAL-OUTBOX-APP1
-# Consumer group name for UEB topic.
-# Use the special tag '{UUID}' to generate a unique one for each sdk-app server.
-ueb_app_consumer_group_name = {UUID}
-
-decryption_key = AGLDdG4D04BKm2IxIWEr8o==
diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
deleted file mode 100755
index 3873da13a9..0000000000
--- a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
+++ /dev/null
@@ -1,95 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-
-# Properties read by ECOMP Core library, ecompSDK-core.jar
-
-##########################################################################
-# The following properties should NOT be changed by partner applications.
-##########################################################################
-
-application_user_id = 30000
-post_default_role_id = 16
-clustered = true
-
-#Enable Fusion Mobile capabilities for the application
-mobile_enable = false
-
-# Cache config file is needed on the classpath
-cache_config_file_path = /WEB-INF/classes/cache.ccf
-cache_switch = 199
-cache_load_on_startup = false
-
-user_name = fullName
-decryption_key = AGLDdG4D04BKm2IxIWEr8o==
-
-##########################################################################
-# The following properties MAY require changes by partner applications.
-##########################################################################
-
-db.driver = org.mariadb.jdbc.Driver
-db.connectionURL = jdbc:mariadb://portal-db:3306/ecomp_sdk
-db.userName =${PORTAL_DB_USER}
-db.password =${PORTAL_DB_PASSWORD}
-db.min_pool_size = 5
-db.max_pool_size = 10
-hb.dialect = org.hibernate.dialect.MySQLDialect
-# SQL statements are logged to stdout
-hb.show_sql = true
-hb.idle_connection_test_period = 3600
-
-app_display_name = Demo App
-files_path = /tmp
-
-#element map files
-element_map_file_path = /tmp
-element_map_icon_path = app/fusionapp/icons/
-
-#Cron Schedules
-log_cron = 0 0/1 * * * ?;
-mylogins_feed_cron = 0 0/60 * * * ?;
-#sessiontimeout_feed_cron = 0 * * * * ? *
-my_login_feed_output_dir = /tmp/MyLogins
-
-# Link shown in Help menu
-contact_us_link = https://todo_contact_us_link.com
-
-# An Unique 128-bit value defined to identify a specific version
-# of an application deployed on a specific virtual machine.
-# This value must be generated and updated by the application
-# which is using the ECOMP SDK at the time of its deployment.
-# Online Unique UUID generator - https://www.uuidgenerator.net/
-instance_uuid=8da691c9-987d-43ed-a358-00ac2f35685d
-
-# R Cloud feature - configure this property to enable notebook feature - for more details on RCloud please visit https://rcloud.social/index.html
-guard_notebook_url=
-
-#authenticate user server
-#TODO: what is this URL supposed to be pointing to? Nothing in portal opens 8383
-authenticate_user_server=http://{{.Values.global.portalHostName}}:8383/openid-connect-server-webapp/allUsers
-
-#cookie domain
-cookie_domain = onap.org
-
-# External Central Auth system access
-remote_centralized_system_access = {{.Values.global.aafEnabled}}
-
-# External Access System Basic Auth Credentials & Rest endpoint
-# External Access System Basic Auth Credentials & Rest endpoint
-ext_central_access_user_name = aaf_admin@people.osaaf.org
-ext_central_access_password = demo123456!
-ext_central_access_url = {{.Values.aafURL}}
-ext_central_access_user_domain = @people.osaaf.org
diff --git a/kubernetes/portal/components/portal-sdk/resources/server/server.xml b/kubernetes/portal/components/portal-sdk/resources/server/server.xml
deleted file mode 100644
index 1cea5ab8f8..0000000000
--- a/kubernetes/portal/components/portal-sdk/resources/server/server.xml
+++ /dev/null
@@ -1,155 +0,0 @@
-<?xml version='1.0' encoding='utf-8'?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
- Modifications to this file for use in ONAP are also subject to the Apache-2.0 license.
--->
-<!-- Note: A "Server" is not itself a "Container", so you may not
- define subcomponents such as "Valves" at this level.
- Documentation at /docs/config/server.html
- -->
-<Server port="8005" shutdown="SHUTDOWN">
- <Listener className="org.apache.catalina.startup.VersionLoggerListener" logArgs="false"/>
- <!-- Security listener. Documentation at /docs/config/listeners.html
- <Listener className="org.apache.catalina.security.SecurityListener" />
- -->
- <!--APR library loader. Documentation at /docs/apr.html -->
- <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
- <!-- Prevent memory leaks due to use of particular java/javax APIs-->
- <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
- <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
- <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
-
- <!-- Global JNDI resources
- Documentation at /docs/jndi-resources-howto.html
- -->
- <GlobalNamingResources>
- <!-- Editable user database that can also be used by
- UserDatabaseRealm to authenticate users
- -->
- <Resource name="UserDatabase" auth="Container"
- type="org.apache.catalina.UserDatabase"
- description="User database that can be updated and saved"
- factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
- pathname="conf/tomcat-users.xml" />
- </GlobalNamingResources>
-
- <!-- A "Service" is a collection of one or more "Connectors" that share
- a single "Container" Note: A "Service" is not itself a "Container",
- so you may not define subcomponents such as "Valves" at this level.
- Documentation at /docs/config/service.html
- -->
- <Service name="Catalina">
-
- <!--The connectors can use a shared executor, you can define one or more named thread pools-->
- <!--
- <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
- maxThreads="150" minSpareThreads="4"/>
- -->
-
-
- <!-- A "Connector" represents an endpoint by which requests are received
- and responses are returned. Documentation at :
- Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
- Java AJP Connector: /docs/config/ajp.html
- APR (HTTP/AJP) Connector: /docs/apr.html
- Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
- -->
- <Connector port="8080" protocol="HTTP/1.1"
- connectionTimeout="20000"
- {{ if .Values.global.aafEnabled }}
- redirectPort="8443"
- {{ end }}
- />
- <!-- A "Connector" using the shared thread pool-->
- <!--
- <Connector executor="tomcatThreadPool"
- port="8080" protocol="HTTP/1.1"
- connectionTimeout="20000"
- redirectPort="8443" />
- -->
- <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
- This connector uses the NIO implementation that requires the JSSE
- style configuration. When using the APR/native implementation, the
- OpenSSL style configuration is required as described in the APR/native
- documentation -->
- <!--
- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
- maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- clientAuth="false" sslProtocol="TLS" />
- -->
- {{ if .Values.global.aafEnabled }}
- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
- maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- keystoreFile="{{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.keystoreFile}}"
- keystorePass="${javax.net.ssl.keyStorePassword}"
- clientAuth="false" sslProtocol="TLS" />
- {{ end }}
- <!-- Define an AJP 1.3 Connector on port 8009 -->
- <Connector port="8009" protocol="AJP/1.3"
- {{ if .Values.global.aafEnabled }}
- redirectPort="8443"
- {{ end }}
- />
-
-
- <!-- An Engine represents the entry point (within Catalina) that processes
- every request. The Engine implementation for Tomcat stand alone
- analyzes the HTTP headers included with the request, and passes them
- on to the appropriate Host (virtual host).
- Documentation at /docs/config/engine.html -->
-
- <!-- You should set jvmRoute to support load-balancing via AJP ie :
- <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
- -->
- <Engine name="Catalina" defaultHost="localhost">
-
- <!--For clustering, please take a look at documentation at:
- /docs/cluster-howto.html (simple how to)
- /docs/config/cluster.html (reference documentation) -->
- <!--
- <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
- -->
-
- <!-- Use the LockOutRealm to prevent attempts to guess user passwords
- via a brute-force attack -->
- <Realm className="org.apache.catalina.realm.LockOutRealm">
- <!-- This Realm uses the UserDatabase configured in the global JNDI
- resources under the key "UserDatabase". Any edits
- that are performed against this UserDatabase are immediately
- available for use by the Realm. -->
- <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
- resourceName="UserDatabase"/>
- </Realm>
-
- <Host name="localhost" appBase="webapps"
- unpackWARs="true" autoDeploy="true">
-
- <!-- SingleSignOn valve, share authentication between web applications
- Documentation at: /docs/config/valve.html -->
- <!--
- <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
- -->
- <!-- Access log processes all example.
- Documentation at: /docs/config/valve.html
- Note: The pattern used is equivalent to using pattern="common" -->
- <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
- prefix="localhost_access_log" suffix=".txt"
- pattern="%h %l %u %t &quot;%r&quot; %s %b" />
- </Host>
- </Engine>
- </Service>
-</Server>
diff --git a/kubernetes/portal/components/portal-sdk/templates/NOTES.txt b/kubernetes/portal/components/portal-sdk/templates/NOTES.txt
deleted file mode 100644
index 496dd8d1a5..0000000000
--- a/kubernetes/portal/components/portal-sdk/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/portal/components/portal-sdk/templates/configmap.yaml b/kubernetes/portal/components/portal-sdk/templates/configmap.yaml
deleted file mode 100644
index 30d2009c3e..0000000000
--- a/kubernetes/portal/components/portal-sdk/templates/configmap.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018, 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-onapportalsdk
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTALSDK/*").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
deleted file mode 100644
index 3b94a99286..0000000000
--- a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
+++ /dev/null
@@ -1,182 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018,2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - name: {{ include "common.name" . }}-readiness
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /app/ready.py
- args:
- - --container-name
- - "portal-db"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: {{ include "common.name" . }}-portalsdk-config
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - sh
- args:
- - "-c"
- - |
- cd /config-input && \
- for PFILE in `ls -1 *.xml`
- do
- cp ${PFILE} /config
- chmod 0755 /config/${PFILE}
- done
- cd /config-input && \
- for PFILE in `ls -1 *.properties`
- do
- envsubst <${PFILE} >/config/${PFILE}
- chmod 0755 /config/${PFILE}
- done
- env:
- - name: CASSA_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-cass" "key" "login") | indent 12 }}
- - name: CASSA_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-cass" "key" "password") | indent 12 }}
- - name: CIPHER_ENC_KEY
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cipher-enc-key" "key" "password") | indent 12 }}
- - name: PORTAL_DB_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "login") | indent 12 }}
- - name: PORTAL_DB_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "password") | indent 12 }}
- volumeMounts:
- - mountPath: /config-input
- name: properties-onapportalsdk-scrubbed
- - mountPath: /config
- name: properties-onapportalsdk
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["bash","-c"]
- {{- if .Values.global.aafEnabled }}
- args: ["export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0);\
- export _JAVA_OPTIONS=\"-Djavax.net.ssl.trustStorePassword=$cadi_truststore_password \
- -Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\
- /start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"]
- env:
- - name: CATALINA_OPTS
- value: >
- -Djavax.net.ssl.keyStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}"
- -Djavax.net.ssl.trustStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}"
- {{- else }}
- args: ["/start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"]
- {{- end }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 8 }}
- - name: properties-onapportalsdk
- mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml"
- subPath: server.xml
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: properties-onapportalsdk
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/fusion/conf/fusion.properties"
- subPath: fusion.properties
- - name: properties-onapportalsdk
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/conf/system.properties"
- subPath: system.properties
- - name: properties-onapportalsdk
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/portal.properties"
- subPath: portal.properties
- - name: properties-onapportalsdk
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/key.properties"
- subPath: key.properties
- - name: properties-onapportalsdk
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/music.properties"
- subPath: music.properties
- - name: properties-onapportalsdk
- mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/logback.xml"
- subPath: logback.xml
- - name: portal-tomcat-logs
- mountPath: "{{ .Values.global.env.tomcatDir }}/logs"
- - name: var-log-onap
- mountPath: "{{ .Values.log.path }}"
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- {{ include "common.log.sidecar" . | nindent 6 }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: properties-onapportalsdk
- emptyDir:
- medium: Memory
- - name: properties-onapportalsdk-scrubbed
- configMap:
- name: {{ include "common.fullname" . }}-onapportalsdk
- defaultMode: 0755
- {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 8 }}
- - name: var-log-onap
- emptyDir: {}
- - name: portal-tomcat-logs
- emptyDir: {}
-{{ include "common.certInitializer.volumes" . | indent 8 }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/portal/components/portal-sdk/templates/ingress.yaml b/kubernetes/portal/components/portal-sdk/templates/ingress.yaml
deleted file mode 100644
index 8f87c68f1e..0000000000
--- a/kubernetes/portal/components/portal-sdk/templates/ingress.yaml
+++ /dev/null
@@ -1 +0,0 @@
-{{ include "common.ingress" . }}
diff --git a/kubernetes/portal/components/portal-sdk/templates/secrets.yaml b/kubernetes/portal/components/portal-sdk/templates/secrets.yaml
deleted file mode 100644
index 06a17b4009..0000000000
--- a/kubernetes/portal/components/portal-sdk/templates/secrets.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/portal/components/portal-sdk/templates/service.yaml b/kubernetes/portal/components/portal-sdk/templates/service.yaml
deleted file mode 100644
index 56a65227a1..0000000000
--- a/kubernetes/portal/components/portal-sdk/templates/service.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/portal/components/portal-sdk/values.yaml b/kubernetes/portal/components/portal-sdk/values.yaml
deleted file mode 100644
index 1bc6b44852..0000000000
--- a/kubernetes/portal/components/portal-sdk/values.yaml
+++ /dev/null
@@ -1,173 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018, 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- env:
- tomcatDir: "/usr/local/tomcat"
- nodePortPrefix: 302
- persistence: {}
- #AAF service
- aafEnabled: true
-
-################################################################
-# Secrets metaconfig
-#################################################################
-
-secrets:
- - uid: portal-cass
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.cassandra.config.cassandraExternalSecret) . }}'
- login: '{{ .Values.cassandra.config.cassandraUsername }}'
- password: '{{ .Values.cassandra.config.cassandraPassword }}'
- passwordPolicy: required
- - uid: portal-backend-db
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.mariadb.config.backendDbExternalSecret) . }}'
- login: '{{ .Values.mariadb.config.backendUserName }}'
- password: '{{ .Values.mariadb.config.backendPassword }}'
- passwordPolicy: required
- - uid: cipher-enc-key
- type: password
- externalSecret: '{{ .Values.config.cipherEncKeyExternalSecret}}'
- password: '{{ .Values.config.cipherEncKey }}'
- passwordPolicy: required
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-# application image
-image: onap/portal-sdk:3.4.2
-pullPolicy: Always
-
-# application configuration
-config:
- # cipherEncKeyExternalSecret: some secret
- cipherEncKey: AGLDdG4D04BKm2IxIWEr8o==
-
-
-#AAF local config
-aafURL: https://aaf-service:8100/authz/
-certInitializer:
- nameOverride: portal-sdk-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- fqdn: portal
- fqi: portal@portal.onap.org
- public_fqdn: portal.onap.org
- cadi_latitude: "38.0"
- cadi_longitude: "-72.0"
- credsPath: /opt/app/osaaf/local
- app_ns: org.osaaf.aaf
- permission_user: 1000
- permission_group: 999
- keystoreFile: "org.onap.portal.p12"
- truststoreFile: "org.onap.portal.trust.jks"
- aaf_add_config: |
- echo "cadi_truststore_password=$cadi_truststore_password" > {{ .Values.credsPath }}/mycreds.prop
- echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" >> {{ .Values.credsPath }}/mycreds.prop
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: NodePort
- name: portal-sdk
- portName: portal-sdk
- internalPort: 8443
- externalPort: 8443
- nodePort: 12
-
-mariadb:
- service:
- name: portal-db
- config:
- # backendDbExternalSecret: some secret
- backendUserName: portal
- backendPassword: portal
-widget:
- service:
- name: portal-widget
-cassandra:
- service:
- name: portal-cassandra
- config:
- # cassandraExternalSecret: some secret
- cassandraUsername: root
- cassandraPassword: Aa123456
-messageRouter:
- service:
- name: message-router
-
-ingress:
- enabled: false
- service:
- - baseaddr: portal-sdk-api
- name: "portal-sdk"
- port: 8443
- config:
- ssl: "redirect"
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 600m
- memory: 1.6Gi
- requests:
- cpu: 10m
- memory: 1.3Gi
- large:
- limits:
- cpu: 8
- memory: 20Gi
- requests:
- cpu: 4
- memory: 10Gi
- unlimited: {}
-
-# Log configuration
-log:
- path: /var/log/onap
-logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-#Pods Service Account
-serviceAccount:
- nameOverride: portal-sdk
- roles:
- - read
diff --git a/kubernetes/portal/components/portal-widget/.helmignore b/kubernetes/portal/components/portal-widget/.helmignore
deleted file mode 100644
index daebc7da77..0000000000
--- a/kubernetes/portal/components/portal-widget/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/portal/components/portal-widget/Chart.yaml b/kubernetes/portal/components/portal-widget/Chart.yaml
deleted file mode 100644
index b9adb0ca5c..0000000000
--- a/kubernetes/portal/components/portal-widget/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Portal widgets micro service application
-name: portal-widget
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties b/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties
deleted file mode 100644
index f5a900e8ce..0000000000
--- a/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties
+++ /dev/null
@@ -1,32 +0,0 @@
-## General App Properties
-server.contextPath=/widget
-server.port=8082
-spring.http.multipart.max-file-size=128MB
-spring.http.multipart.max-request-size=128MB
-microservice.widget.location=/tmp
-
-## App DB Properties
-spring.datasource.url=jdbc:mysql://portal-db:3306/portal
-spring.datasource.username=${PORTAL_DB_USER}
-spring.datasource.password=${PORTAL_DB_PASSWORD}
-spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect
-spring.database.driver.classname=org.mariadb.jdbc.Driver
-spring.jpa.show-sql=false
-spring.jpa.properties.hibernate.format_sql=false
-
-## Basic Authentication Properties
-security.user.name=${WIDGET_USER}
-security.user.password=${WIDGET_PASSWORD}
-
-initialization.default.widgets=true
-initialization.widgetData.url=http://portal-app:{{.Values.global.portalPort}}/ONAPPORTAL/commonWidgets
-
-## Account Basic Authentication Properties
-account.user.name=${ACC_USER}
-account.user.password=${ACC_PASSWORD}
-
-## Certificate Properties
-#server.ssl.key-store=classpath:widget-keystore.p12
-#server.ssl.key-store-password=ENC(DiIYnAMab4u7rEW2yKhF9zBL00uU55q8)
-#server.ssl.keyStoreType=PKCS12
-#server.ssl.keyAlias=widget-microservice
diff --git a/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml b/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml
deleted file mode 100644
index f3da66f882..0000000000
--- a/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-jasypt:
- encryptor:
- password: ${JASYPT_ENC_KEY}
diff --git a/kubernetes/portal/components/portal-widget/templates/NOTES.txt b/kubernetes/portal/components/portal-widget/templates/NOTES.txt
deleted file mode 100644
index 496dd8d1a5..0000000000
--- a/kubernetes/portal/components/portal-widget/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/portal/components/portal-widget/templates/configmap.yaml b/kubernetes/portal/components/portal-widget/templates/configmap.yaml
deleted file mode 100644
index 58acd42a69..0000000000
--- a/kubernetes/portal/components/portal-widget/templates/configmap.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-onapwidgetms
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPWIDGETMS/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/portal/components/portal-widget/templates/deployment.yaml b/kubernetes/portal/components/portal-widget/templates/deployment.yaml
deleted file mode 100644
index f0ea980e4b..0000000000
--- a/kubernetes/portal/components/portal-widget/templates/deployment.yaml
+++ /dev/null
@@ -1,140 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - name: {{ include "common.name" . }}-readiness
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /app/ready.py
- args:
- - --container-name
- - "portal-db"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: {{ include "common.name" . }}-portal-widget-config
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - sh
- args:
- - "-c"
- - |
- cd /config-input && \
- for PFILE in `ls -1 *.*`
- do
- envsubst <${PFILE} >/config/${PFILE}
- chmod 0755 /config/${PFILE}
- done
- env:
- - name: PORTAL_DB_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "login") | indent 12 }}
- - name: PORTAL_DB_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "password") | indent 12 }}
- - name: WIDGET_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-widget" "key" "login") | indent 12 }}
- - name: WIDGET_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-widget" "key" "password") | indent 12 }}
- - name: ACC_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-account" "key" "login") | indent 12 }}
- - name: ACC_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-account" "key" "password") | indent 12 }}
- - name: JASYPT_ENC_KEY
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "jasypt-enc-key" "key" "password") | indent 12 }}
- volumeMounts:
- - mountPath: /config-input
- name: properties-onapwidgetms-scrubbed
- - mountPath: /config
- name: properties-onapwidgetms
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /start-wms.sh
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - name: properties-onapwidgetms
- mountPath: "/application.properties"
- subPath: application.properties
- - name: properties-onapwidgetms
- mountPath: "/application.yml"
- subPath: application.yml
- resources: {{ include "common.resources" . | nindent 10 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: properties-onapwidgetms
- emptyDir:
- medium: Memory
- - name: properties-onapwidgetms-scrubbed
- configMap:
- name: {{ include "common.fullname" . }}-onapwidgetms
- defaultMode: 0755
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/portal/components/portal-widget/templates/secret.yaml b/kubernetes/portal/components/portal-widget/templates/secret.yaml
deleted file mode 100644
index 9a3f011e80..0000000000
--- a/kubernetes/portal/components/portal-widget/templates/secret.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/portal/components/portal-widget/templates/service.yaml b/kubernetes/portal/components/portal-widget/templates/service.yaml
deleted file mode 100644
index 5197841189..0000000000
--- a/kubernetes/portal/components/portal-widget/templates/service.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/portal/components/portal-widget/values.yaml b/kubernetes/portal/components/portal-widget/values.yaml
deleted file mode 100644
index dfa51d8c7b..0000000000
--- a/kubernetes/portal/components/portal-widget/values.yaml
+++ /dev/null
@@ -1,132 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
-
-################################################################
-# Secrets metaconfig
-#################################################################
-
-secrets:
- - uid: portal-backend-db
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.mariadb.config.backendDbExternalSecret) . }}'
- login: '{{ .Values.mariadb.config.backendUserName }}'
- password: '{{ .Values.mariadb.config.backendPassword }}'
- passwordPolicy: required
- - uid: portal-widget
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.config.widgetCredsExternalSecret) . }}'
- login: '{{ .Values.config.widgetUsername }}'
- password: '{{ .Values.config.widgetPassword }}'
- passwordPolicy: required
- - uid: portal-account
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.config.accountCredsExternalSecret) . }}'
- login: '{{ .Values.config.accountUsername }}'
- password: '{{ .Values.config.accountPassword }}'
- passwordPolicy: required
- - uid: jasypt-enc-key
- type: password
- externalSecret: '{{ .Values.config.jasyptEncKeyExternalSecret}}'
- password: '{{ .Values.config.jasyptEncKey }}'
- passwordPolicy: required
-
-config:
- widgetUsername: widget_user
- widgetPassword: widget_pass
-# widgetCredsExternalSecret: some secret
- accountUsername: portal
- accountPassword: portal
-# accountCredsExternalSecret: some secret
- jasyptEncKey: EncryptionKey
- # jasyptEncKeyExternalSecret: some secret
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/portal-wms:3.4.2
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-mariadb:
- service:
- name: portal-db
- config:
- # backendDbExternalSecret: some secret
- backendUserName: portal
- backendPassword: portal
-
-service:
- type: ClusterIP
- name: portal-widget
- portName: portal-widget
- externalPort: 8082
- internalPort: 8082
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 430Mi
- requests:
- cpu: 1m
- memory: 360Mi
- large:
- limits:
- cpu: 2
- memory: 8Gi
- requests:
- cpu: 1
- memory: 4Gi
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: portal-widget
- roles:
- - read \ No newline at end of file
diff --git a/kubernetes/portal/docker/init/mariadb-client/Dockerfile b/kubernetes/portal/docker/init/mariadb-client/Dockerfile
deleted file mode 100644
index a46b225be0..0000000000
--- a/kubernetes/portal/docker/init/mariadb-client/Dockerfile
+++ /dev/null
@@ -1,53 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-FROM boxfuse/flyway:5.0.7-alpine
-
-ARG branch=3.0.0-ONAP
-ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST"
-# Setup Corporate proxy
-ENV https_proxy ${HTTP_PROXY}
-ENV http_proxy ${HTTPS_PROXY}
-
-RUN apk add --update \
- mariadb-client=10.1.32-r0 \
- git \
- && rm -rf /var/cache/apk/*
-
-ENV so_branch=$branch
-#ENV policy_branch: $branch
-ENV portal_branch=$branch
-#ENV sdnc_branch: $branch
-#ENV vid_branch: $branch
-#ENV clamp_branch: $branch
-
-ENV so_repo=http://gerrit.onap.org/r/so/docker-config.git
-#ENV policy_repo: http://gerrit.onap.org/r/policy/docker.git
-ENV portal_repo=http://gerrit.onap.org/r/portal.git
-#ENV sdnc_repo: http://gerrit.onap.org/r/sdnc/oam.git
-#ENV vid_repo: http://gerrit.onap.org/r/vid.git
-#ENV clamp_repo: http://gerrit.onap.org/r/clamp.git
-
-RUN mkdir -p /onap-sources
-WORKDIR /onap-sources
-
-RUN git clone -b $branch $portal_repo && cd portal && git checkout HEAD
-RUN git clone -b $branch $so_repo && cd docker-config && git checkout HEAD
-
-VOLUME /onap-sources
-
-COPY db_migrate.sh /root
-
-RUN chmod a+x /root/db_migrate.sh
-ENTRYPOINT /root/db_migrate.sh
diff --git a/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh b/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh
deleted file mode 100644
index 2b90a994c3..0000000000
--- a/kubernetes/portal/docker/init/mariadb-client/db_migrate.sh
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/sh -x
-
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-SQL_DEST_DIR=${SQL_DEST_DIR:-/tmp/sql}
-DB_PORT=${DB_PORT:-3306}
-
-[ -z "$SQL_SRC_DIR" ] && { echo "Error: SQL_SRC_DIR must be provided as an environment variable"; exit 1; }
-[ -z "$DB_USER" ] && { echo "Error: DB_USER must be provided as an environment variable"; exit 1; }
-[ -z "$DB_PASS" ] && { echo "Error: DB_PASS must be provided as an environment variable"; exit 1; }
-[ -z "$DB_HOST" ] && { echo "Error: DB_HOST must be provided as an environment variable"; exit 1; }
-
-mkdir -p $SQL_DEST_DIR
-
-#Find all sql files and copy them to the destination directory
-find "/onap-sources/$SQL_SRC_DIR" -type f -iname "*.sql" | awk -v dest="$SQL_DEST_DIR" '{n=split($1,a,"/"); system(sprintf( "cp %s %s", $1, dest"/"a[n])) }'
-
-
-#Not needed right now?
-#--database=$DB_NAME
-
-#--force to deal with duplicate records in absense of "insert ignore"
-##ERROR 1062 (23000) at line 382: Duplicate entry '2' for key 'PRIMARY'
-
-cd $SQL_DEST_DIR
-cat *.sql | mysql -vv --user=$DB_USER --password=$DB_PASS --host=$DB_HOST --port=$DB_PORT --force
diff --git a/kubernetes/portal/resources/config/log/filebeat/filebeat.yml b/kubernetes/portal/resources/config/log/filebeat/filebeat.yml
deleted file mode 100644
index 56ed10a50c..0000000000
--- a/kubernetes/portal/resources/config/log/filebeat/filebeat.yml
+++ /dev/null
@@ -1,57 +0,0 @@
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-filebeat.prospectors:
-#it is mandatory, in our case it's log
-- input_type: log
- #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
- paths:
- - /var/log/onap/*/*/*/*.log
- - /var/log/onap/*/*/*.log
- - /var/log/onap/*/*.log
- #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
- ignore_older: 48h
- # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
- clean_inactive: 96h
-
-
-# Name of the registry file. If a relative path is used, it is considered relative to the
-# data path. Else full qualified file name.
-#filebeat.registry_file: ${path.data}/registry
-
-
-output.logstash:
- #List of logstash server ip addresses with port number.
- #But, in our case, this will be the loadbalancer IP address.
- #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
- hosts: ["{{.Values.config.logstashServiceName}}:{{.Values.config.logstashPort}}"]
- #If enable will do load balancing among availabe Logstash, automatically.
- loadbalance: true
-
- #The list of root certificates for server verifications.
- #If certificate_authorities is empty or not set, the trusted
- #certificate authorities of the host system are used.
- #ssl.certificate_authorities: $ssl.certificate_authorities
-
- #The path to the certificate for SSL client authentication. If the certificate is not specified,
- #client authentication is not available.
- #ssl.certificate: $ssl.certificate
-
- #The client certificate key used for client authentication.
- #ssl.key: $ssl.key
-
- #The passphrase used to decrypt an encrypted key stored in the configured key file
- #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/kubernetes/portal/templates/configmap.yaml b/kubernetes/portal/templates/configmap.yaml
deleted file mode 100644
index 681f24eff3..0000000000
--- a/kubernetes/portal/templates/configmap.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.log.configMap" . }}
diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml
deleted file mode 100644
index 0e6c9d63f5..0000000000
--- a/kubernetes/portal/values.yaml
+++ /dev/null
@@ -1,90 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018, 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global:
- env:
- tomcatDir: "/usr/local/tomcat"
- # portal frontend port
- portalPort: "8989"
- portalFEPort: "30225"
- # application's front end hostname. Must be resolvable on the client side environment
- portalHostName: "portal.api.simpledemo.onap.org"
-
- centralizedLoggingEnabled: true
-
-#################################################################
-# Secrets metaconfig
-#################################################################
-secrets:
- - uid: portal-cass
- name: &dbSecretName '{{ include "common.release" . }}-portal-cass-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.config.casandraCredsExternalSecret) . }}'
- login: '{{ .Values.config.cassandraUsername }}'
- password: '{{ .Values.config.cassandraPassword }}'
- - uid: portal-backend-db
- name: &backendDbSecretName '{{ include "common.release" . }}-portal-backend-creds'
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.mariadb.config.backendDbExternalSecret) . }}'
- login: '{{ .Values.mariadb.config.backendUserName }}'
- password: '{{ .Values.mariadb.config.backendPassword }}'
- passwordPolicy: required
-
-config:
- logstashServiceName: log-ls
- logstashPort: 5044
- cassandraUsername: root
- cassandraPassword: Aa123456
-# casandraCredsExternalSecret: some secret
-
-portal-mariadb:
- nameOverride: portal-db
-mariadb:
- service:
- name: portal-db
- config:
-# backendDbExternalSecret: some secret
- backendUserName: portal
- backendPassword: portal
-
-widget:
- service:
- name: portal-widget
-cassandra:
- service:
- name: portal-cassandra
- config:
- cassandraExternalSecret: *dbSecretName
-portal-app:
- mariadb:
- config:
- backendDbExternalSecret: *backendDbSecretName
- cassandra:
- config:
- cassandraExternalSecret: *dbSecretName
- logConfigMapNamePrefix: '{{ include "common.release" . }}-portal'
-portal-sdk:
- mariadb:
- config:
- backendDbExternalSecret: *backendDbSecretName
- cassandra:
- config:
- cassandraExternalSecret: *dbSecretName
- logConfigMapNamePrefix: '{{ include "common.release" . }}-portal'
-messageRouter:
- service:
- name: message-router
-ingress:
- enabled: false
diff --git a/kubernetes/sdc/components/sdc-cs/templates/job.yaml b/kubernetes/sdc/components/sdc-cs/templates/job.yaml
index 31ab047c7a..e8f8700616 100644
--- a/kubernetes/sdc/components/sdc-cs/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-cs/templates/job.yaml
@@ -64,6 +64,8 @@ spec:
mountPath: /home/sdc/chef-solo/environments/
- name: {{ include "common.fullname" . }}-chef-cache
mountPath: /home/sdc/chef-solo/cache
+ - name: {{ include "common.fullname" . }}-cqlshrc
+ mountPath: /home/sdc/.cassandra
env:
- name: ENVNAME
value: {{ .Values.env.name }}
@@ -98,6 +100,9 @@ spec:
defaultMode: 0755
- name: {{ include "common.fullname" . }}-chef-cache
emptyDir: {}
+ - name: {{ include "common.fullname" . }}-cqlshrc
+ configMap:
+ name: {{ include "common.release" . }}-sdc-cqlshrc
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
restartPolicy: Never
diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml
index f58fca7a07..2f943d7c52 100644
--- a/kubernetes/sdc/components/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -26,12 +26,22 @@ global:
#should be sdc-cs if this flag is enabled
localCluster: false
#The cassandra service name to connect to (default: shared cassandra service)
+ #in case of using k8ssandra-operator in the common cassandra installation
+ #the service name is:
+ #serviceName: cassandra-dc1-service
+ #in case of local k8ssandra-operator instance it is
+ #serviceName: sdc-cs-dc1-service
+ #in case the older cassandra installation is used:
serviceName: cassandra
+
#Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
#to match with its own cluster replica
replicaCount: 3
clusterName: cassandra
+ #datacenter name (use "dc1" in case of k8ssandra-operator, otherwise "Pod")
dataCenter: Pod
+ #cqlVersion for cassandra 3.11.* must be "3.4.4" and cassandra 4.* must be "3.4.5"
+ cqlVersion: "3.4.4"
#################################################################
# Application configuration defaults.
@@ -48,6 +58,10 @@ cassandra:
persistence:
mountSubPath: sdc/sdc-cs/CS
enabled: true
+ k8ssandraOperator:
+ enabled: false
+ config:
+ clusterName: sdc-cs
# application image
repository: nexus3.onap.org:10001
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
index 41996ff4cd..43a4902996 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
@@ -65,6 +65,8 @@ spec:
volumeMounts:
- name: {{ include "common.fullname" . }}-environments
mountPath: /home/sdc/chef-solo/environments/
+ - name: {{ include "common.fullname" . }}-cqlshrc
+ mountPath: /home/sdc/.cassandra
env:
- name: ENVNAME
value: {{ .Values.env.name }}
@@ -96,6 +98,9 @@ spec:
configMap:
name: {{ include "common.release" . }}-sdc-environments-configmap
defaultMode: 0755
+ - name: {{ include "common.fullname" . }}-cqlshrc
+ configMap:
+ name: {{ include "common.release" . }}-sdc-cqlshrc
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
restartPolicy: Never
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
index 9ba05b8631..b9abef8462 100644
--- a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
@@ -65,6 +65,9 @@ spec:
- /bin/sh
- -c
{{- end }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-cqlshrc
+ mountPath: /home/sdc/.cassandra
env:
- name: CS_HOST
value: "{{ .Values.global.sdc_cassandra.serviceName }}"
@@ -78,6 +81,10 @@ spec:
valueFrom: {secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}}
resources: {{ include "common.resources" . | nindent 10 }}
{{ include "common.waitForJobContainer" . | indent 6 | trim }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-cqlshrc
+ configMap:
+ name: {{ include "common.release" . }}-sdc-cqlshrc
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
{{ end }}
diff --git a/kubernetes/sdc/resources/config/cqlshrc b/kubernetes/sdc/resources/config/cqlshrc
new file mode 100644
index 0000000000..cb6df94880
--- /dev/null
+++ b/kubernetes/sdc/resources/config/cqlshrc
@@ -0,0 +1,2 @@
+[cql]
+version={{.Values.global.sdc_cassandra.cqlVersion}} \ No newline at end of file
diff --git a/kubernetes/sdc/templates/configmap.yaml b/kubernetes/sdc/templates/configmap.yaml
index 712f2ecc61..dee73ba711 100644
--- a/kubernetes/sdc/templates/configmap.yaml
+++ b/kubernetes/sdc/templates/configmap.yaml
@@ -28,4 +28,17 @@ metadata:
data:
{{ tpl (.Files.Glob "resources/config/environments/*").AsConfig . | indent 2 }}
---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.release" . }}-sdc-cqlshrc
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/cqlshrc").AsConfig . | indent 2 }}
+---
{{ include "common.log.configMap" . }}
diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml
index cba33628c3..955ac4b46e 100644
--- a/kubernetes/sdc/values.yaml
+++ b/kubernetes/sdc/values.yaml
@@ -26,20 +26,28 @@ global:
keystore_password: PyhrUCFZdXIhWyohWTUhRV5mKFpLYzMx
wf_external_user_password: S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==
sdc_cassandra:
- #This flag allows SDC to instantiate its own cluster, serviceName
- #should be "sdc-cs" if this flag is enabled
- localCluster: false
- #The cassandra service name to connect to (default: shared cassandra service)
- serviceName: cassandra
- #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
- #to match with its own cluster replica
- #see "cassandra: replicaCount" in file sdc-cs/values.yaml)
- replicaCount: 3
- dbCache: true
- readConsistencyLevel: ONE
- writeConsistencyLevel: ALL
- clusterName: cassandra
- dataCenter: Pod
+ #This flag allows SDC to instantiate its own cluster, serviceName
+ #should be "sdc-cs" if this flag is enabled
+ localCluster: false
+ #The cassandra service name to connect to (default: shared cassandra service)
+ #in case of using k8ssandra-operator in the common cassandra installation
+ #the service name is:
+ #serviceName: cassandra-dc1-service
+ #in case the older cassandra installation is used:
+ serviceName: cassandra
+ #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
+ #to match with its own cluster replica
+ #see "cassandra: replicaCount" in file sdc-cs/values.yaml)
+ replicaCount: 3
+ dbCache: true
+ readConsistencyLevel: ONE
+ writeConsistencyLevel: ALL
+ clusterName: cassandra
+ #datacenter name (use "dc1" in case of k8ssandra-operator, otherwise "Pod")
+ dataCenter: Pod
+ #cqlVersion for cassandra 3.11.* must be "3.4.4" and cassandra 4.* must be "3.4.5"
+ cqlVersion: "3.4.4"
+
centralizedLoggingEnabled: true
# global Kafka config passed to sdc-be chart
kafka:
diff --git a/kubernetes/sniro-emulator/.helmignore b/kubernetes/sniro-emulator/.helmignore
deleted file mode 100644
index f0c1319444..0000000000
--- a/kubernetes/sniro-emulator/.helmignore
+++ /dev/null
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
diff --git a/kubernetes/sniro-emulator/Chart.yaml b/kubernetes/sniro-emulator/Chart.yaml
deleted file mode 100644
index dddacebcba..0000000000
--- a/kubernetes/sniro-emulator/Chart.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Mock Sniro Emulator
-name: sniro-emulator
-version: 12.0.0
-
-dependencies:
- - name: common
- version: ~12.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
- - name: repositoryGenerator
- version: ~12.x-0
- repository: '@local'
diff --git a/kubernetes/sniro-emulator/templates/NOTES.txt b/kubernetes/sniro-emulator/templates/NOTES.txt
deleted file mode 100644
index c233cade6b..0000000000
--- a/kubernetes/sniro-emulator/templates/NOTES.txt
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ .Chart.Name }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/sniro-emulator/templates/deployment.yaml b/kubernetes/sniro-emulator/templates/deployment.yaml
deleted file mode 100644
index 50b3c5b780..0000000000
--- a/kubernetes/sniro-emulator/templates/deployment.yaml
+++ /dev/null
@@ -1,67 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- {{ if .Values.liveness.enabled }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end }}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- resources: {{ include "common.resources" . | nindent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sniro-emulator/templates/service.yaml b/kubernetes/sniro-emulator/templates/service.yaml
deleted file mode 100644
index 9119071ab2..0000000000
--- a/kubernetes/sniro-emulator/templates/service.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName | default "http" }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
diff --git a/kubernetes/sniro-emulator/values.yaml b/kubernetes/sniro-emulator/values.yaml
deleted file mode 100644
index 8f43a4f46b..0000000000
--- a/kubernetes/sniro-emulator/values.yaml
+++ /dev/null
@@ -1,75 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global: # global defaults
- nodePortPrefix: 302
-
-# application image
-image: onap/sniroemulator:1.0.0
-pullPolicy: IfNotPresent
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: NodePort
- name: sniro-emulator
- internalPort: 9999
- externalPort: 80
- nodePort: 88
- portName: http
-
-ingress:
- enabled: false
-
-resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-#resources:
-# limits:
-# cpu: 2
-# memory: 4Gi
-# requests:
-# cpu: 2
-# memory: 4Gi
diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml
index 8963cf3cda..58dcd6494e 100644
--- a/kubernetes/strimzi/values.yaml
+++ b/kubernetes/strimzi/values.yaml
@@ -30,7 +30,7 @@ global:
#################################################################
replicaCount: 3
config:
- kafkaVersion: 3.2.3
+ kafkaVersion: 3.4.0
authType: simple
saslMechanism: &saslMech scram-sha-512
kafkaInternalPort: &plainPort 9092
@@ -146,4 +146,4 @@ strimzi-kafka-bridge:
config:
saslMechanism: *saslMech
kafkaInternalPort: *plainPort
- strimziKafkaAdminUser: *adminUser \ No newline at end of file
+ strimziKafkaAdminUser: *adminUser
diff --git a/kubernetes/uui/components/uui-intent-analysis/resources/config/intent-analysis-init.sql b/kubernetes/uui/components/uui-intent-analysis/resources/config/intent-analysis-init.sql
index ac3eaf0fed..323deef209 100644
--- a/kubernetes/uui/components/uui-intent-analysis/resources/config/intent-analysis-init.sql
+++ b/kubernetes/uui/components/uui-intent-analysis/resources/config/intent-analysis-init.sql
@@ -21,7 +21,8 @@ CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
create table if not exists intent(
intent_id varchar(255) primary key,
- intent_name varchar(255)
+ intent_name varchar(255),
+ intent_generateType VARCHAR (225)
);
create table if not exists expectation(
@@ -89,3 +90,21 @@ create table if not exists intent_management_function_reg_info(
handle_name varchar(255),
intent_function_type varchar(255)
);
+
+create table if not exists intent_event_record(
+ id varchar(255) DEFAULT uuid_generate_v4 (),
+ intent_id varchar(255),
+ intent_name varchar(255),
+ intent_status varchar (225),
+ operate_type varchar (225),
+ parent_id varchar(255)
+ );
+
+-- ----------------------------
+-- Records of intent_management_function_reg_info
+-- ----------------------------
+
+insert into intent_management_function_reg_info(imfr_info_id, imfr_info_description, support_area, support_model, support_interfaces, handle_name, intent_function_type) select 'CLLBusinessId','CLLBusiness','CLLBUSINESS',null,'CREATE,DELETE,UPDATE,SEARCH','CLLBusinessIntentManagementFunction','INTERNALFUNCTION' where not exists(select * from intent_management_function_reg_info where imfr_info_id='CLLBusinessId' )
+insert into intent_management_function_reg_info(imfr_info_id, imfr_info_description, support_area, support_model, support_interfaces, handle_name, intent_function_type) select 'CLLDeliveryId','CLLDelivery','CLLBUSINESS,DELIVERY',null,'CREATE,DELETE,UPDATE,SEARCH','CLLDeliveryIntentManagementFunction','INTERNALFUNCTION' where not exists(select * from intent_management_function_reg_info where imfr_info_id='CLLDeliveryId' )
+insert into intent_management_function_reg_info(imfr_info_id, imfr_info_description, support_area, support_model, support_interfaces, handle_name, intent_function_type) select 'CLLAssuranceId','CLLAssurance','CLLBUSINESS,ASSURANCE',null,'CREATE,DELETE,UPDATE,SEARCH','CLLAssuranceIntentManagementFunction','INTERNALFUNCTION' where not exists(select * from intent_management_function_reg_info where imfr_info_id='CLLAssuranceId' )
+