aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--INFO.yaml55
-rw-r--r--docs/oom_hardcoded_certificates.rst4
-rw-r--r--docs/oom_project_description.rst2
-rw-r--r--docs/oom_quickstart_guide.rst9
-rw-r--r--docs/oom_user_guide.rst4
-rw-r--r--docs/release-notes-amsterdam.rst73
-rw-r--r--docs/release-notes-beijing.rst425
-rw-r--r--docs/release-notes-casablanca.rst76
-rw-r--r--docs/release-notes-dublin.rst79
-rw-r--r--docs/release-notes-elalto.rst81
-rw-r--r--docs/release-notes.rst834
-rw-r--r--kubernetes/aaf/Makefile50
-rw-r--r--kubernetes/aaf/components/Makefile50
-rw-r--r--kubernetes/aaf/components/aaf-cass/.helmignore (renamed from kubernetes/aaf/charts/aaf-cass/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-cass/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/requirements.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-cass/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/pvc.yaml (renamed from kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-cass/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/values.yaml (renamed from kubernetes/aaf/charts/aaf-cass/values.yaml)21
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/.helmignore22
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/Chart.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/requirements.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jksbin0 -> 4067 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jksbin0 -> 4110 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12bin0 -> 4683 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json3
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/root.crt33
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json24
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/truststore.jksbin0 -> 1730 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml123
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml56
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/templates/service.yaml17
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/values.yaml160
-rw-r--r--kubernetes/aaf/components/aaf-cm/.helmignore (renamed from kubernetes/aaf/charts/aaf-cm/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-cm/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-cm/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-cm/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/values.yaml (renamed from kubernetes/aaf/charts/aaf-cm/values.yaml)27
-rw-r--r--kubernetes/aaf/components/aaf-fs/.helmignore (renamed from kubernetes/aaf/charts/aaf-fs/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-fs/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-fs/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-fs/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/values.yaml (renamed from kubernetes/aaf/charts/aaf-fs/values.yaml)24
-rw-r--r--kubernetes/aaf/components/aaf-gui/.helmignore (renamed from kubernetes/aaf/charts/aaf-gui/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-gui/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-gui/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-gui/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/values.yaml (renamed from kubernetes/aaf/charts/aaf-gui/values.yaml)26
-rw-r--r--kubernetes/aaf/components/aaf-hello/.helmignore (renamed from kubernetes/aaf/charts/aaf-hello/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-hello/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/secret.yaml (renamed from kubernetes/aaf/charts/aaf-hello/templates/secret.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-hello/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/values.yaml (renamed from kubernetes/aaf/charts/aaf-hello/values.yaml)2
-rw-r--r--kubernetes/aaf/components/aaf-locate/.helmignore (renamed from kubernetes/aaf/charts/aaf-locate/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-locate/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-locate/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-locate/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/values.yaml (renamed from kubernetes/aaf/charts/aaf-locate/values.yaml)27
-rw-r--r--kubernetes/aaf/components/aaf-oauth/.helmignore (renamed from kubernetes/aaf/charts/aaf-oauth/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-oauth/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/values.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/values.yaml)27
-rw-r--r--kubernetes/aaf/components/aaf-service/.helmignore (renamed from kubernetes/aaf/charts/aaf-service/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-service/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-service/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-service/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-service/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-service/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-service/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-service/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-service/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-service/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-service/values.yaml (renamed from kubernetes/aaf/charts/aaf-service/values.yaml)27
-rw-r--r--kubernetes/aaf/components/aaf-sms/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sms/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/values.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/values.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem26
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/config/has.json (renamed from kubernetes/aaf/charts/aaf-sms/resources/config/has.json)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/config/osdf.json (renamed from kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml)30
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/job.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/job.yaml)8
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/pvc.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/secret.yaml32
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/values.yaml (renamed from kubernetes/aaf/charts/aaf-sms/values.yaml)38
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/README.md (renamed from kubernetes/aaf/charts/aaf-sshsm/README.md)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/requirements.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/requirements.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd (renamed from kubernetes/aaf/charts/aaf-sshsm/resources/config/prk_passwd)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle (renamed from kubernetes/aaf/charts/aaf-sshsm/resources/config/srk_handle)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/secret.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/values.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/values.yaml)18
-rw-r--r--kubernetes/aaf/components/aaf-templates/Chart.yaml19
-rw-r--r--kubernetes/aaf/components/aaf-templates/requirements.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl (renamed from kubernetes/aaf/templates/_deployment.tpl)0
-rw-r--r--kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl (renamed from kubernetes/aaf/templates/_initContainers.tpl)0
-rw-r--r--kubernetes/aaf/components/aaf-templates/values.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/secret.yaml)6
-rw-r--r--kubernetes/aaf/requirements.yaml36
-rw-r--r--kubernetes/aaf/values.yaml12
m---------kubernetes/aai0
-rwxr-xr-xkubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties2
-rwxr-xr-xkubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml2
-rwxr-xr-xkubernetes/cds/charts/cds-blueprints-processor/values.yaml2
-rwxr-xr-xkubernetes/cds/charts/cds-command-executor/values.yaml2
-rwxr-xr-xkubernetes/cds/charts/cds-py-executor/values.yaml2
-rw-r--r--kubernetes/cds/charts/cds-sdc-listener/values.yaml2
-rw-r--r--kubernetes/cds/charts/cds-ui/values.yaml2
-rw-r--r--kubernetes/clamp/charts/clamp-backend/values.yaml2
-rw-r--r--kubernetes/clamp/values.yaml2
-rw-r--r--kubernetes/common/certInitializer/templates/_certInitializer.yaml2
-rw-r--r--kubernetes/common/certInitializer/values.yaml1
-rw-r--r--kubernetes/common/common/templates/_ingress.tpl2
-rw-r--r--kubernetes/common/dgbuilder/templates/deployment.yaml5
-rw-r--r--kubernetes/common/etcd/templates/statefulset.yaml5
-rw-r--r--kubernetes/common/mariadb-galera/resources/create-deployment.yml50
-rw-r--r--kubernetes/common/mariadb-galera/resources/post-upgrade-script.sh142
-rw-r--r--kubernetes/common/mariadb-galera/resources/upgrade-scripts.sh101
-rw-r--r--kubernetes/common/mariadb-galera/templates/configmap.yaml37
-rw-r--r--kubernetes/common/mariadb-galera/templates/job.yaml109
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml5
-rwxr-xr-xkubernetes/common/mariadb-init/resources/config/db_init.sh5
-rw-r--r--kubernetes/common/mongo/templates/statefulset.yaml5
-rw-r--r--kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml5
-rw-r--r--kubernetes/common/network-name-gen/templates/deployment.yaml5
-rw-r--r--kubernetes/common/postgres/templates/_deployment.tpl5
-rw-r--r--kubernetes/common/readinessCheck/templates/_readinessCheck.tpl4
-rw-r--r--kubernetes/common/serviceAccount/Chart.yaml18
-rw-r--r--kubernetes/common/serviceAccount/requirements.yaml18
-rw-r--r--kubernetes/common/serviceAccount/templates/role-binding.yaml33
-rw-r--r--kubernetes/common/serviceAccount/templates/role.yaml105
-rw-r--r--kubernetes/common/serviceAccount/templates/service-account.yaml24
-rw-r--r--kubernetes/common/serviceAccount/values.yaml29
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml10
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml2
-rw-r--r--kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml16
-rw-r--r--kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml2
-rw-r--r--kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml2
-rw-r--r--kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml12
-rw-r--r--kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml2
-rw-r--r--kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml2
-rw-r--r--kubernetes/dcaegen2/resources/expected-components.json10
-rw-r--r--kubernetes/dcaegen2/templates/configmap.yaml24
-rw-r--r--kubernetes/dcaegen2/values.yaml22
-rw-r--r--kubernetes/dcaemod/Makefile5
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml22
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/requirements.yaml22
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/templates/deployment.yaml64
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/templates/service.yaml18
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml69
-rw-r--r--kubernetes/dcaemod/requirements.yaml11
-rw-r--r--kubernetes/dcaemod/resources/expected-components.json10
-rw-r--r--kubernetes/dcaemod/templates/configmap.yaml24
-rw-r--r--kubernetes/dcaemod/values.yaml39
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml4
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml5
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml73
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml45
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml44
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/values.yaml19
-rw-r--r--kubernetes/onap/Chart.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml47
-rwxr-xr-xkubernetes/onap/values.yaml34
-rw-r--r--kubernetes/portal/components/portal-sdk/requirements.yaml3
-rw-r--r--kubernetes/portal/components/portal-sdk/resources/server/server.xml4
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/configmap.yaml14
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/deployment.yaml18
-rw-r--r--kubernetes/portal/components/portal-sdk/values.yaml20
m---------kubernetes/robot0
-rw-r--r--kubernetes/sdc/charts/sdc-be/values.yaml4
-rw-r--r--kubernetes/sdc/charts/sdc-cs/values.yaml4
-rw-r--r--kubernetes/sdc/charts/sdc-fe/values.yaml2
-rw-r--r--kubernetes/sdc/charts/sdc-onboarding-be/values.yaml4
-rw-r--r--kubernetes/sdc/charts/sdc-wfd-be/values.yaml4
-rw-r--r--kubernetes/sdc/charts/sdc-wfd-fe/values.yaml2
-rw-r--r--kubernetes/sdnc/charts/dmaap-listener/values.yaml2
-rw-r--r--kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml2
-rw-r--r--kubernetes/sdnc/charts/sdnc-portal/values.yaml2
-rw-r--r--kubernetes/sdnc/charts/ueb-listener/values.yaml2
-rw-r--r--kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg202
-rw-r--r--kubernetes/sdnc/values.yaml2
-rw-r--r--kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jksbin2344 -> 4641 bytes
-rwxr-xr-xkubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml10
232 files changed, 3415 insertions, 1106 deletions
diff --git a/INFO.yaml b/INFO.yaml
index b440169e6b..553527bcbc 100644
--- a/INFO.yaml
+++ b/INFO.yaml
@@ -4,11 +4,11 @@ project_creation_date: '2017-06-15'
lifecycle_state: 'Incubation'
project_category: ''
project_lead: &onap_releng_ptl
- name: 'Mike Elliott'
- email: 'mike.elliott@amdocs.com'
- id: 'melliott'
- company: 'Amdocs'
- timezone: 'Canada/Ontario'
+ name: 'Sylvain Desbureaux'
+ email: 'sylvain.desbureaux@orange.com'
+ id: 'sdesbure'
+ company: 'Orange'
+ timezone: 'Paris/France'
primary_contact: *onap_releng_ptl
issue_tracking:
type: 'jira'
@@ -31,51 +31,16 @@ repositories:
- 'oom'
committers:
- <<: *onap_releng_ptl
- - name: 'Alexis de Talhouët'
- email: 'adetalhouet89@gmail.com'
- company: 'Bell Canada'
- id: 'adetalhouet'
- timezone: 'Canada/Montreal'
+ - name: 'Mike Elliott'
+ email: 'mike.elliott@amdocs.com'
+ id: 'melliott'
+ company: 'Amdocs'
+ timezone: 'Canada/Ontario'
- name: 'Borislav Glozman'
email: 'Borislav.Glozman@amdocs.com'
company: 'Amdocs'
id: 'BorislavG'
timezone: 'Israel/Raanana'
- - name: 'James MacNider'
- email: 'James.MacNider@amdocs.com'
- company: 'Amdocs'
- id: 'jmac'
- timezone: 'Canada/Ontario'
- - name: 'Hong Guan'
- email: 'hg4105@att.com'
- company: 'ATT'
- id: 'hg4105'
- timezone: 'Not/Defined'
- - name: 'Jun (Nicolas) Hu'
- email: 'jh245g@att.com'
- company: 'ATT'
- id: 'jh245g'
- timezone: 'America/New_York'
- - name: 'Xue Gao'
- email: 'xg353y@intl.att.com'
- company: 'ATT'
- id: 'xuegao'
- timezone: 'Belgium/Namur'
- - name: 'Brian Freeman'
- email: 'bf1936@att.com'
- company: 'ATT'
- id: 'bdfreeman1421'
- timezone: 'America/New_York'
- - name: 'Yang Xu'
- email: 'Yang.Xu3@huawei.com'
- company: 'Huawei'
- id: 'xuyang11'
- timezone: 'America/New_York'
- - name: 'Sylvain Desbureaux'
- email: 'sylvain.desbureaux@orange.com'
- company: 'Orange'
- id: 'sdesbure'
- timezone: 'Paris/France'
- name: 'Krzysztof Opasiak'
email: 'k.opasiak@samsung.com'
company: 'Samsung'
diff --git a/docs/oom_hardcoded_certificates.rst b/docs/oom_hardcoded_certificates.rst
index 9cf11c5b26..085beaa4d1 100644
--- a/docs/oom_hardcoded_certificates.rst
+++ b/docs/oom_hardcoded_certificates.rst
@@ -14,6 +14,10 @@ Here's the list of these certificates:
+-----------------------------------------------------------------------------------------------------------------------------------------------------+
| Project | ONAP Certificate | Own Certificate | MSB Certificate | Path |
+==================+==================+==================+============================================================================================+
+ | AAF | No | Yes | No | aaf/charts/aaf-cert-service/resources/ |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
+ | AAF | Yes | No | No | aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
| AAI | Yes | No | No | aai/oom/resources/config/haproxy/aai.pem |
+------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
| AAI | Yes | No | No | aai/oom/resources/config/aai/aai_keystore |
diff --git a/docs/oom_project_description.rst b/docs/oom_project_description.rst
index b8c18dc93f..034d0a48c9 100644
--- a/docs/oom_project_description.rst
+++ b/docs/oom_project_description.rst
@@ -41,7 +41,7 @@ The OOM documentation is broken into four different areas each targeted at a dif
- :ref:`cloud-setup-guide-label` - a guide for those setting up cloud environments that ONAP will use
- :ref:`hardcoded-certiticates-label` - the list of all hardcoded certificates sets in ONAP installation
-The :ref:`release-notes-label` for OOM describe the incremental features per release.
+The :ref:`release_notes` for OOM describe the incremental features per release.
Component Orchestration Overview
================================
diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst
index 364f14e923..78af191872 100644
--- a/docs/oom_quickstart_guide.rst
+++ b/docs/oom_quickstart_guide.rst
@@ -21,9 +21,10 @@ available), follow the following instructions to deploy ONAP.
> cd oom/kubernetes
where <BRANCH> can be an offical release tag, such as
-4.0.0-ONAP for Dublin
-5.0.1-ONAP for El Alto
-6.0.0-ONAP for Frankfurt
+
+* 4.0.0-ONAP for Dublin
+* 5.0.1-ONAP for El Alto
+* 6.0.0 for Frankfurt
**Step 2.** Install Helm Plugins required to deploy ONAP::
@@ -155,7 +156,7 @@ follows::
**Step 6.** Build a local Helm repository (from the kubernetes directory)::
- > make all; make onap
+ > make SKIP_LINT=TRUE all; make SKIP_LINT=TRUE onap
**Step 7.** Display the onap charts that available to be deployed::
diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst
index 7340ddf7fd..847795dc17 100644
--- a/docs/oom_user_guide.rst
+++ b/docs/oom_user_guide.rst
@@ -115,7 +115,7 @@ stable which should be removed to avoid confusion::
To prepare your system for an installation of ONAP, you'll need to::
- > git clone -b frankfurt http://gerrit.onap.org/r/oom
+ > git clone -b frankfurt --recurse-submodules -j2 http://gerrit.onap.org/r/oom
> cd oom/kubernetes
@@ -137,7 +137,7 @@ To get a list of all of the available Helm chart repositories::
Then build your local Helm repository::
- > make all
+ > make SKIP_LINT=TRUE all
The Helm search command reads through all of the repositories configured on the
system, and looks for matches::
diff --git a/docs/release-notes-amsterdam.rst b/docs/release-notes-amsterdam.rst
new file mode 100644
index 0000000000..79d2e302f4
--- /dev/null
+++ b/docs/release-notes-amsterdam.rst
@@ -0,0 +1,73 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International
+.. License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights
+.. reserved.
+.. _release_notes_amsterdam:
+
+ONAP Operations Manager Release Notes
+=====================================
+
+Version: 1.1.0
+--------------
+
+:Release Date: 2017-11-16
+
+**New Features**
+
+The Amsterdam release is the first release of the ONAP Operations Manager
+(OOM).
+
+The main goal of the Amsterdam release was to:
+
+ - Support Flexible Platform Deployment via Kubernetes of fully
+ containerized ONAP components - on any type of environment.
+ - Support State Management of ONAP platform components.
+ - Support full production ONAP deployment and any variation of component
+ level deployment for development.
+ - Platform Operations Orchestration / Control Loop Actions.
+ - Platform centralized logging with ELK stack.
+
+**Bug Fixes**
+
+ The full list of implemented user stories and epics is available on
+ `JIRA <https://jira.onap.org/secure/RapidBoard.jspa?rapidView=41&view=planning.nodetail&epics=visible>`_
+ This is the first release of OOM, the defects fixed in this release were
+ raised during the course of the release.
+ Anything not closed is captured below under Known Issues. If you want to
+ review the defects fixed in the Amsterdam release, refer to Jira link
+ above.
+
+**Known Issues**
+ - `OOM-6 <https://jira.onap.org/browse/OOM-6>`_ Automated platform deployment on Docker/Kubernetes
+
+ VFC, AAF, MSB minor issues.
+
+ Workaround: Manual configuration changes - however the reference
+ vFirewall use case does not currently require these components.
+
+ - `OOM-10 <https://jira.onap.org/browse/OOM-10>`_ Platform configuration management.
+
+ OOM ONAP Configuration Management - Handling of Secrets.
+
+ Workaround: Automated workaround to be able to pull from protected
+ docker repositories.
+
+
+**Security Issues**
+ N/A
+
+
+**Upgrade Notes**
+
+ N/A
+
+**Deprecation Notes**
+
+ N/A
+
+**Other**
+
+ N/A
+
+End of Release Notes
diff --git a/docs/release-notes-beijing.rst b/docs/release-notes-beijing.rst
new file mode 100644
index 0000000000..1af7c58dc7
--- /dev/null
+++ b/docs/release-notes-beijing.rst
@@ -0,0 +1,425 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International
+.. License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights
+.. reserved.
+.. _release_notes_beijing:
+
+ONAP Operations Manager Release Notes
+=====================================
+
+Version 2.0.0 Beijing Release
+-----------------------------
+
+:Release Date: 2018-06-07
+
+Previous Release Notes
+**********************
+
+- :ref:`Amsterdam <release_notes_amsterdam>`
+
+Epic
+****
+
+* [`OOM-6 <https://jira.onap.org/browse/OOM-6>`_] - Automated platform deployment on Docker/Kubernetes
+* [`OOM-7 <https://jira.onap.org/browse/OOM-7>`_] - Platform monitoring and auto-healing
+* [`OOM-8 <https://jira.onap.org/browse/OOM-8>`_] - Automated platform scalability
+* [`OOM-9 <https://jira.onap.org/browse/OOM-9>`_] - Platform upgradability & rollbacks
+* [`OOM-10 <https://jira.onap.org/browse/OOM-10>`_] - Platform configuration management
+* [`OOM-46 <https://jira.onap.org/browse/OOM-46>`_] - Platform infrastructure deployment with TOSCA
+* [`OOM-109 <https://jira.onap.org/browse/OOM-109>`_] - Platform Centralized Logging
+* [`OOM-138 <https://jira.onap.org/browse/OOM-138>`_] - Using Optimization framework
+* [`OOM-346 <https://jira.onap.org/browse/OOM-346>`_] - Platform Resiliency (including Recoverability, High-Availability, Backup/Restore, Geo-Redundancy)
+* [`OOM-376 <https://jira.onap.org/browse/OOM-376>`_] - ONAP deployment options standardization
+* [`OOM-486 <https://jira.onap.org/browse/OOM-486>`_] - HELM upgrade from 2.3 to 2.8.0
+* [`OOM-535 <https://jira.onap.org/browse/OOM-535>`_] - Upgrade Kubernetes from 1.8.6 to 1.9.2
+* [`OOM-590 <https://jira.onap.org/browse/OOM-590>`_] - OOM Wiki documentation of deployment options
+
+Story
+*****
+
+* [`OOM-11 <https://jira.onap.org/browse/OOM-11>`_] - Add AAF containers to ONAP Kubernetes
+* [`OOM-13 <https://jira.onap.org/browse/OOM-13>`_] - Add CLI containers to ONAP Kubernetes
+* [`OOM-15 <https://jira.onap.org/browse/OOM-15>`_] - Add DMAAP containers to ONAP Kubernetes
+* [`OOM-20 <https://jira.onap.org/browse/OOM-20>`_] - State Monitoring: MSO/mso
+* [`OOM-21 <https://jira.onap.org/browse/OOM-21>`_] - State Monitoring: A&AI/aai-service
+* [`OOM-22 <https://jira.onap.org/browse/OOM-22>`_] - State Monitoring: SDNC/sdc-be
+* [`OOM-24 <https://jira.onap.org/browse/OOM-24>`_] - State Monitoring: message-router
+* [`OOM-25 <https://jira.onap.org/browse/OOM-25>`_] - State Monitoring: MSB
+* [`OOM-29 <https://jira.onap.org/browse/OOM-29>`_] - State Monitoring: VID
+* [`OOM-31 <https://jira.onap.org/browse/OOM-31>`_] - State Monitoring: APPC/dbhost
+* [`OOM-32 <https://jira.onap.org/browse/OOM-32>`_] - State Monitoring: VFC
+* [`OOM-33 <https://jira.onap.org/browse/OOM-33>`_] - State Monitoring: Multi-VIM
+* [`OOM-34 <https://jira.onap.org/browse/OOM-34>`_] - Auto-Restart on failure: ...
+* [`OOM-35 <https://jira.onap.org/browse/OOM-35>`_] - State Monitoring: A&AI/hbase
+* [`OOM-36 <https://jira.onap.org/browse/OOM-36>`_] - State Monitoring: A&AI/model-loader-service
+* [`OOM-37 <https://jira.onap.org/browse/OOM-37>`_] - State Monitoring: APPC/dgbuilder
+* [`OOM-38 <https://jira.onap.org/browse/OOM-38>`_] - State Monitoring: APPC/sdnctldb01
+* [`OOM-39 <https://jira.onap.org/browse/OOM-39>`_] - State Monitoring: APPC/sdnctldb02
+* [`OOM-40 <https://jira.onap.org/browse/OOM-40>`_] - State Monitoring: APPC/sdnhost
+* [`OOM-41 <https://jira.onap.org/browse/OOM-41>`_] - State Monitoring: MSO/mariadb
+* [`OOM-42 <https://jira.onap.org/browse/OOM-42>`_] - State Monitoring: SDNC/dbhost
+* [`OOM-43 <https://jira.onap.org/browse/OOM-43>`_] - State Monitoring: SDNC/sdnc-dgbuilder
+* [`OOM-44 <https://jira.onap.org/browse/OOM-44>`_] - State Monitoring: SDNC/sdnc-portal
+* [`OOM-45 <https://jira.onap.org/browse/OOM-45>`_] - State Monitoring: SDNC/sdnctldb01
+* [`OOM-51 <https://jira.onap.org/browse/OOM-51>`_] - OOM ONAP Configuration Management - Externalize hardwired values
+* [`OOM-52 <https://jira.onap.org/browse/OOM-52>`_] - OOM ONAP Configuration Management - Parameterization of docker images
+* [`OOM-53 <https://jira.onap.org/browse/OOM-53>`_] - OOM ONAP Configuration Management - Parameterization for Sizing
+* [`OOM-63 <https://jira.onap.org/browse/OOM-63>`_] - Kubernetes cluster created by TOSCA description
+* [`OOM-85 <https://jira.onap.org/browse/OOM-85>`_] - Test the code in the "Lab" project environment
+* [`OOM-86 <https://jira.onap.org/browse/OOM-86>`_] - Monitoring the health status of ONAP components
+* [`OOM-87 <https://jira.onap.org/browse/OOM-87>`_] - Configure TOSCA description via dashboard
+* [`OOM-88 <https://jira.onap.org/browse/OOM-88>`_] - Deploy Holmes on K8S cluster by TOSCA description
+* [`OOM-89 <https://jira.onap.org/browse/OOM-89>`_] - Deploy CLAMP on K8S cluster by TOSCA description
+* [`OOM-91 <https://jira.onap.org/browse/OOM-91>`_] - Deploy MSB on K8S cluster by TOSCA description
+* [`OOM-92 <https://jira.onap.org/browse/OOM-92>`_] - Deploy AAF on K8S cluster by TOSCA description
+* [`OOM-93 <https://jira.onap.org/browse/OOM-93>`_] - Deploy VF-C on K8S cluster by TOSCA description
+* [`OOM-94 <https://jira.onap.org/browse/OOM-94>`_] - Deploy Multi-VIM on K8S cluster by TOSCA description
+* [`OOM-95 <https://jira.onap.org/browse/OOM-95>`_] - Deploy DCAEGen2 on K8S cluster by TOSCA description
+* [`OOM-96 <https://jira.onap.org/browse/OOM-96>`_] - Deploy AAI on K8S cluster by TOSCA description
+* [`OOM-97 <https://jira.onap.org/browse/OOM-97>`_] - Deploy APPC on K8S cluster by TOSCA description
+* [`OOM-98 <https://jira.onap.org/browse/OOM-98>`_] - Deploy MSO on K8S cluster by TOSCA description
+* [`OOM-99 <https://jira.onap.org/browse/OOM-99>`_] - Deploy Policy on K8S cluster by TOSCA description
+* [`OOM-100 <https://jira.onap.org/browse/OOM-100>`_] - Deploy SDC on K8S cluster by TOSCA description
+* [`OOM-102 <https://jira.onap.org/browse/OOM-102>`_] - Deploy VID on K8S cluster by TOSCA description
+* [`OOM-110 <https://jira.onap.org/browse/OOM-110>`_] - OOM ONAP Logging - Elastic Stack components deployment
+* [`OOM-111 <https://jira.onap.org/browse/OOM-111>`_] - OOM ONAP Logging - FileBeat deployment aside ONAP components
+* [`OOM-112 <https://jira.onap.org/browse/OOM-112>`_] - OOM ONAP Logging - Configuration of all ONAP components to emit canonical logs
+* [`OOM-116 <https://jira.onap.org/browse/OOM-116>`_] - ignore intellj files
+* [`OOM-145 <https://jira.onap.org/browse/OOM-145>`_] - update directory path from dockerdata-nfs to configured directory name (make it configurable)
+* [`OOM-235 <https://jira.onap.org/browse/OOM-235>`_] - Service endpoint annotation for Usecase UI
+* [`OOM-242 <https://jira.onap.org/browse/OOM-242>`_] - Modify DCAE seed for Helm
+* [`OOM-262 <https://jira.onap.org/browse/OOM-262>`_] - Remove "oneclick" kubectl scripts.
+* [`OOM-265 <https://jira.onap.org/browse/OOM-265>`_] - Top level helm chart for ONAP
+* [`OOM-268 <https://jira.onap.org/browse/OOM-268>`_] - Persist and externalize database directories via persistent volumes
+* [`OOM-271 <https://jira.onap.org/browse/OOM-271>`_] - Copy app config files from source
+* [`OOM-272 <https://jira.onap.org/browse/OOM-272>`_] - Set application environment variables from source
+* [`OOM-277 <https://jira.onap.org/browse/OOM-277>`_] - add automatic ONAP config parameter substitution
+* [`OOM-280 <https://jira.onap.org/browse/OOM-280>`_] - MSB automatically re-synch service data on restart.
+* [`OOM-292 <https://jira.onap.org/browse/OOM-292>`_] - Expose LOG Volume via /dockerdata-nfs
+* [`OOM-293 <https://jira.onap.org/browse/OOM-293>`_] - OOM ONAP Configuration Management - Handling of Secrets
+* [`OOM-298 <https://jira.onap.org/browse/OOM-298>`_] - Provide script to cleanup configuration data created by createConfig.sh
+* [`OOM-322 <https://jira.onap.org/browse/OOM-322>`_] - Clean-up config files that are generated at system startup
+* [`OOM-341 <https://jira.onap.org/browse/OOM-341>`_] - Provide an example of a partial deployment of ONAP components (e.g. no VFC)
+* [`OOM-342 <https://jira.onap.org/browse/OOM-342>`_] - Add pointer to Wiki page on the readme file.
+* [`OOM-344 <https://jira.onap.org/browse/OOM-344>`_] - Break the configuration tarball per appplication
+* [`OOM-345 <https://jira.onap.org/browse/OOM-345>`_] - Re-validate # of containers and configuration for DCAEgen2
+* [`OOM-356 <https://jira.onap.org/browse/OOM-356>`_] - Add 'Usecase UI' containers to ONAP Kubernetes
+* [`OOM-359 <https://jira.onap.org/browse/OOM-359>`_] - SDC logback chef failure
+* [`OOM-375 <https://jira.onap.org/browse/OOM-375>`_] - F2F: ONAP/OOM for Developers
+* [`OOM-382 <https://jira.onap.org/browse/OOM-382>`_] - Robot Version 1.1 OpenO tests
+* [`OOM-406 <https://jira.onap.org/browse/OOM-406>`_] - In Kubernetes 1.8, the annotations are no longer supported and must be converted to the PodSpec field.
+* [`OOM-457 <https://jira.onap.org/browse/OOM-457>`_] - In Kubernetes 1.8, init-container annotations to be converted to PodSpec field for aaf, clamp and vfc
+* [`OOM-460 <https://jira.onap.org/browse/OOM-460>`_] - Segregating configuration of ONAP components
+* [`OOM-476 <https://jira.onap.org/browse/OOM-476>`_] - Parameterize values.yaml docker image repos into global config variables
+* [`OOM-528 <https://jira.onap.org/browse/OOM-528>`_] - Confirm k8s context with a prompt for deleteAll.bash
+* [`OOM-534 <https://jira.onap.org/browse/OOM-534>`_] - Need to provide support for creating different sized OOM deployments
+* [`OOM-546 <https://jira.onap.org/browse/OOM-546>`_] - Provide option to collect ONAP env details for issue investigations
+* [`OOM-569 <https://jira.onap.org/browse/OOM-569>`_] - Investigate containerizing Cloudify Manager
+* [`OOM-579 <https://jira.onap.org/browse/OOM-579>`_] - Document a Cloudify deployment of OOM Beijing
+* [`OOM-633 <https://jira.onap.org/browse/OOM-633>`_] - Provide direct access to ONAP Portal without the need to use VNC
+* [`OOM-677 <https://jira.onap.org/browse/OOM-677>`_] - Update all source code files with the Apache 2 License header
+* [`OOM-678 <https://jira.onap.org/browse/OOM-678>`_] - Enforce MSB dockers dependencies using init-container
+* [`OOM-681 <https://jira.onap.org/browse/OOM-681>`_] - updating docker images/components to latest code
+* [`OOM-682 <https://jira.onap.org/browse/OOM-682>`_] - deployment of sdc workflow designer
+* [`OOM-695 <https://jira.onap.org/browse/OOM-695>`_] - Improve Readiness-check prob
+* [`OOM-722 <https://jira.onap.org/browse/OOM-722>`_] - OOM - Run all ONAP components in one namespace
+* [`OOM-725 <https://jira.onap.org/browse/OOM-725>`_] - Use Blueprint to install Helm and k8s dashboard while creating k8s cluster
+* [`OOM-727 <https://jira.onap.org/browse/OOM-727>`_] - Add Standardized Configuration to SO
+* [`OOM-728 <https://jira.onap.org/browse/OOM-728>`_] - Add Standardized Configuration to ROBOT
+* [`OOM-729 <https://jira.onap.org/browse/OOM-729>`_] - Add Standardized Configuration to VID
+* [`OOM-730 <https://jira.onap.org/browse/OOM-730>`_] - Add Standardized Configuration to Consul
+* [`OOM-731 <https://jira.onap.org/browse/OOM-731>`_] - Add Standardized Configuration to DMaaP Message Router
+* [`OOM-732 <https://jira.onap.org/browse/OOM-732>`_] - Add Standardized Configuration to AAF
+* [`OOM-733 <https://jira.onap.org/browse/OOM-733>`_] - Add Standardized Configuration to APPC
+* [`OOM-734 <https://jira.onap.org/browse/OOM-734>`_] - Add Standardized Configuration to AAI
+* [`OOM-735 <https://jira.onap.org/browse/OOM-735>`_] - Add Standardized Configuration to CLAMP
+* [`OOM-736 <https://jira.onap.org/browse/OOM-736>`_] - Add Standardized Configuration to CLI
+* [`OOM-737 <https://jira.onap.org/browse/OOM-737>`_] - Add Standardized Configuration to DCAEGEN2
+* [`OOM-738 <https://jira.onap.org/browse/OOM-738>`_] - Add Standardized Configuration to ESR
+* [`OOM-739 <https://jira.onap.org/browse/OOM-739>`_] - Add Standardized Configuration to KUBE2MSB
+* [`OOM-740 <https://jira.onap.org/browse/OOM-740>`_] - Add Standardized Configuration to LOG
+* [`OOM-742 <https://jira.onap.org/browse/OOM-742>`_] - Add Standardized Configuration to MSB
+* [`OOM-743 <https://jira.onap.org/browse/OOM-743>`_] - Replace deprecated MSO Helm Chart with Standardized SO Helm Chart
+* [`OOM-744 <https://jira.onap.org/browse/OOM-744>`_] - Add Standardized Configuration to MULTICLOUD
+* [`OOM-746 <https://jira.onap.org/browse/OOM-746>`_] - Add Standardized Configuration to PORTAL
+* [`OOM-747 <https://jira.onap.org/browse/OOM-747>`_] - Add Standardized Configuration to SDC
+* [`OOM-748 <https://jira.onap.org/browse/OOM-748>`_] - Add Standardized Configuration to SDNC
+* [`OOM-749 <https://jira.onap.org/browse/OOM-749>`_] - Add Standardized Configuration to UUI
+* [`OOM-750 <https://jira.onap.org/browse/OOM-750>`_] - Add Standardized Configuration to VFC
+* [`OOM-751 <https://jira.onap.org/browse/OOM-751>`_] - Add Standardized Configuration to VNFSDK
+* [`OOM-758 <https://jira.onap.org/browse/OOM-758>`_] - Common Mariadb Galera Helm Chart to be reused by many applications
+* [`OOM-771 <https://jira.onap.org/browse/OOM-771>`_] - OOM - update master with new policy db deployment
+* [`OOM-777 <https://jira.onap.org/browse/OOM-777>`_] - Add Standardized Configuration Helm Starter Chart
+* [`OOM-779 <https://jira.onap.org/browse/OOM-779>`_] - OOM APPC ODL (MDSAL) persistent storage
+* [`OOM-780 <https://jira.onap.org/browse/OOM-780>`_] - Update MSO to latest working version.
+* [`OOM-786 <https://jira.onap.org/browse/OOM-786>`_] - Re-add support for multiple instances of ONAP
+* [`OOM-788 <https://jira.onap.org/browse/OOM-788>`_] - Abstract docker secrets
+* [`OOM-789 <https://jira.onap.org/browse/OOM-789>`_] - Abstract cluster role binding
+* [`OOM-811 <https://jira.onap.org/browse/OOM-811>`_] - Make kube2msb use secret instead of passing token as environment variable
+* [`OOM-822 <https://jira.onap.org/browse/OOM-822>`_] - Update Documentation for the Beijing Release
+* [`OOM-823 <https://jira.onap.org/browse/OOM-823>`_] - Add CDT image to APPC chart
+* [`OOM-827 <https://jira.onap.org/browse/OOM-827>`_] - Add quick start documentation README
+* [`OOM-828 <https://jira.onap.org/browse/OOM-828>`_] - Remove oneclick scripts
+* [`OOM-857 <https://jira.onap.org/browse/OOM-857>`_] - kube2msb fails to start
+* [`OOM-914 <https://jira.onap.org/browse/OOM-914>`_] - Add LOG component robot healthcheck
+* [`OOM-960 <https://jira.onap.org/browse/OOM-960>`_] - OOM Healthcheck lockdown - currently 32/39 : 20180421
+* [`OOM-979 <https://jira.onap.org/browse/OOM-979>`_] - Enhance OOM TOSCA solution to support standardized Helm Chart
+* [`OOM-1006 <https://jira.onap.org/browse/OOM-1006>`_] - VNFSDK healthcheck fails
+* [`OOM-1073 <https://jira.onap.org/browse/OOM-1073>`_] - Change the Repository location in the image oomk8s/config-init:2.0.0-SNAPSHOT
+* [`OOM-1078 <https://jira.onap.org/browse/OOM-1078>`_] - Update Kubectl, docker, helm version
+
+Task
+****
+
+* [`OOM-57 <https://jira.onap.org/browse/OOM-57>`_] - Agree on configuration contract/YAML with each of the project teams
+* [`OOM-105 <https://jira.onap.org/browse/OOM-105>`_] - TOSCA based orchestration demo
+* [`OOM-257 <https://jira.onap.org/browse/OOM-257>`_] - DevOps: OOM config reset procedure for new /dockerdata-nfs content
+* [`OOM-305 <https://jira.onap.org/browse/OOM-305>`_] - Rename MSO to SO in OOM
+* [`OOM-332 <https://jira.onap.org/browse/OOM-332>`_] - Add AAI filebeat container - blocked by LOG-67
+* [`OOM-428 <https://jira.onap.org/browse/OOM-428>`_] - Add log container healthcheck to mark failed creations - see OOM-427
+* [`OOM-429 <https://jira.onap.org/browse/OOM-429>`_] - DOC: Document HELM server version 2.7.2 required for tpl usage
+* [`OOM-489 <https://jira.onap.org/browse/OOM-489>`_] - Update values.yaml files for tag name changes for docker images and versions.
+* [`OOM-543 <https://jira.onap.org/browse/OOM-543>`_] - SDNC adjust docker pullPolicy to IfNotPresent to speed up initial deployment slowdown introduced by SDNC-163
+* [`OOM-604 <https://jira.onap.org/browse/OOM-604>`_] - Update OOM and HEAT AAI sparky master from v1.1.0 to v1.1.1 - match INT-288
+* [`OOM-614 <https://jira.onap.org/browse/OOM-614>`_] - SDC, SDNC, AAI Healthcheck failures last 12 hours 20180124:1100EST
+* [`OOM-624 <https://jira.onap.org/browse/OOM-624>`_] - CII security badging: cleartext password for keystone and docker repo creds
+* [`OOM-726 <https://jira.onap.org/browse/OOM-726>`_] - Mirror AAI docker version changes into OOM from AAI-791
+* [`OOM-772 <https://jira.onap.org/browse/OOM-772>`_] - Remove old DCAE from Release
+* [`OOM-801 <https://jira.onap.org/browse/OOM-801>`_] - Policy docker images rename - key off new name in POLICY-674
+* [`OOM-810 <https://jira.onap.org/browse/OOM-810>`_] - Improve emsdriver code
+* [`OOM-819 <https://jira.onap.org/browse/OOM-819>`_] - expose log/logstash 5044 as nodeport for external log producers outside of the kubernetes cluster
+* [`OOM-820 <https://jira.onap.org/browse/OOM-820>`_] - Bypass vnc-portal for ONAP portal access
+* [`OOM-943 <https://jira.onap.org/browse/OOM-943>`_] - Upgrade prepull_docker.sh to work with new helm based master refactor - post OOM-328
+* [`OOM-947 <https://jira.onap.org/browse/OOM-947>`_] - Update AAI to latest images
+* [`OOM-975 <https://jira.onap.org/browse/OOM-975>`_] - Notes are missing in multicloud
+* [`OOM-1031 <https://jira.onap.org/browse/OOM-1031>`_] - Config Changes for consul to make vid, so, log health checks pass
+* [`OOM-1032 <https://jira.onap.org/browse/OOM-1032>`_] - Making consul Stateful
+* [`OOM-1122 <https://jira.onap.org/browse/OOM-1122>`_] - Update APPC OOM chart to use Beijing release artifacts
+
+Bug
+***
+
+* [`OOM-4 <https://jira.onap.org/browse/OOM-4>`_] - deleteAll.bash fails to properly delete services and ports
+* [`OOM-153 <https://jira.onap.org/browse/OOM-153>`_] - test - Sample Bug
+* [`OOM-212 <https://jira.onap.org/browse/OOM-212>`_] - deleteAll script does not have an option to delete the services
+* [`OOM-215 <https://jira.onap.org/browse/OOM-215>`_] - configure_app for helm apps is not correct
+* [`OOM-218 <https://jira.onap.org/browse/OOM-218>`_] - createConfig.sh needs a chmod 755 in release-1.0.0 only
+* [`OOM-239 <https://jira.onap.org/browse/OOM-239>`_] - mso.tar created in dockerdatanfs
+* [`OOM-258 <https://jira.onap.org/browse/OOM-258>`_] - AAI logs are not being written outside the pods
+* [`OOM-282 <https://jira.onap.org/browse/OOM-282>`_] - vnc-portal requires /etc/hosts url fix for SDC sdc.ui should be sdc.api
+* [`OOM-283 <https://jira.onap.org/browse/OOM-283>`_] - No longer able to deploy instances in specified namespace
+* [`OOM-290 <https://jira.onap.org/browse/OOM-290>`_] - config_init pod fails when /dockerdata-nfs is nfs-mounted
+* [`OOM-300 <https://jira.onap.org/browse/OOM-300>`_] - cat: /config-init/onap/mso/mso/encryption.key: No such file or directory
+* [`OOM-333 <https://jira.onap.org/browse/OOM-333>`_] - vfc-workflow fails [VFC BUG] - fixed - 20180117 vfc-ztevnfmdriver has docker pull issue
+* [`OOM-334 <https://jira.onap.org/browse/OOM-334>`_] - Change kubernetes startup user
+* [`OOM-351 <https://jira.onap.org/browse/OOM-351>`_] - Apply standard convention across the "template deployment YML" file
+* [`OOM-352 <https://jira.onap.org/browse/OOM-352>`_] - failed to start VFC containers
+* [`OOM-363 <https://jira.onap.org/browse/OOM-363>`_] - DCAE tests NOK with Robot E2E tests
+* [`OOM-366 <https://jira.onap.org/browse/OOM-366>`_] - certificates in consul agent config are not in the right directory
+* [`OOM-389 <https://jira.onap.org/browse/OOM-389>`_] - sdc-be and sdc-fe do not initialize correctly on latest master
+* [`OOM-409 <https://jira.onap.org/browse/OOM-409>`_] - Update Vid yaml file to point to the ONAPPORTAL URL
+* [`OOM-413 <https://jira.onap.org/browse/OOM-413>`_] - In portal VNC pod refresh /etc/hosts entries
+* [`OOM-414 <https://jira.onap.org/browse/OOM-414>`_] - MSB Healtcheck failure on $*_ENDPOINT variables
+* [`OOM-424 <https://jira.onap.org/browse/OOM-424>`_] - DCAE installation is not possible today
+* [`OOM-430 <https://jira.onap.org/browse/OOM-430>`_] - Portal healthcheck passing on vnc-portal down
+* [`OOM-467 <https://jira.onap.org/browse/OOM-467>`_] - Optimize config-init process
+* [`OOM-493 <https://jira.onap.org/browse/OOM-493>`_] - Kubernetes infrastructure for ESR
+* [`OOM-496 <https://jira.onap.org/browse/OOM-496>`_] - Readiness check is marking full availability of some components like SDC and SDNC before they would pass healthcheck
+* [`OOM-514 <https://jira.onap.org/browse/OOM-514>`_] - Readiness prob fails sometimes even though the relevant pods are running
+* [`OOM-539 <https://jira.onap.org/browse/OOM-539>`_] - Kube2MSB registrator doesn't support https REST service registration
+* [`OOM-570 <https://jira.onap.org/browse/OOM-570>`_] - Wrong value is assigned to kube2msb AUTH_TOKEN environment variable
+* [`OOM-574 <https://jira.onap.org/browse/OOM-574>`_] - OOM configuration for robot doesnt copy heat templatese in dockerdata-nfs
+* [`OOM-577 <https://jira.onap.org/browse/OOM-577>`_] - Incorrect evaluation of bash command in yaml template file (portal-vnc-dep.yaml)
+* [`OOM-578 <https://jira.onap.org/browse/OOM-578>`_] - Hard coded token in oom/kubernetes/kube2msb/values.yaml file
+* [`OOM-589 <https://jira.onap.org/browse/OOM-589>`_] - Can not acces CLI in vnc-portal
+* [`OOM-598 <https://jira.onap.org/browse/OOM-598>`_] - createAll.bash base64: invalid option -- d
+* [`OOM-600 <https://jira.onap.org/browse/OOM-600>`_] - Unable to open CLI by clicking CLI application icon
+* [`OOM-630 <https://jira.onap.org/browse/OOM-630>`_] - Red herring config pod deletion error on deleteAll - after we started deleting onap-config automatically
+* [`OOM-645 <https://jira.onap.org/browse/OOM-645>`_] - Kube2MSB RBAC security issues
+* [`OOM-653 <https://jira.onap.org/browse/OOM-653>`_] - sdnc-dbhost-0 deletion failure
+* [`OOM-657 <https://jira.onap.org/browse/OOM-657>`_] - Look into DCAEGEN2 failure on duplicate servicePort
+* [`OOM-672 <https://jira.onap.org/browse/OOM-672>`_] - hardcoded clusterIP for aai breaks auto installation
+* [`OOM-680 <https://jira.onap.org/browse/OOM-680>`_] - ONAP Failure install with kubernetes 1.8+
+* [`OOM-687 <https://jira.onap.org/browse/OOM-687>`_] - Typo in README_HELM
+* [`OOM-724 <https://jira.onap.org/browse/OOM-724>`_] - License Update in TOSCA
+* [`OOM-767 <https://jira.onap.org/browse/OOM-767>`_] - data-router-logs and elasticsearch-data mapped to same folder
+* [`OOM-768 <https://jira.onap.org/browse/OOM-768>`_] - Hardcoded onap in config files
+* [`OOM-769 <https://jira.onap.org/browse/OOM-769>`_] - sdc-es data mapping in sdc-be and sdc-fe redundant
+* [`OOM-783 <https://jira.onap.org/browse/OOM-783>`_] - UUI health check is failing
+* [`OOM-784 <https://jira.onap.org/browse/OOM-784>`_] - make new so chart one namespace compatible
+* [`OOM-791 <https://jira.onap.org/browse/OOM-791>`_] - After OOM-722 merge - docker pulls are timing out - switch to pullPolicy IfNotPresent
+* [`OOM-794 <https://jira.onap.org/browse/OOM-794>`_] - demo-k8s.sh name not modified in the usage string
+* [`OOM-795 <https://jira.onap.org/browse/OOM-795>`_] - HEAT templates for robot instantiateVFW missing
+* [`OOM-796 <https://jira.onap.org/browse/OOM-796>`_] - robot asdc/sdngc interface in synch for Master
+* [`OOM-797 <https://jira.onap.org/browse/OOM-797>`_] - GLOBAL_INJECTED_SCRIPT_VERSION missing from vm_properties.py
+* [`OOM-804 <https://jira.onap.org/browse/OOM-804>`_] - VFC vfc-ztevnfmdriver container failure
+* [`OOM-815 <https://jira.onap.org/browse/OOM-815>`_] - OOM Robot container helm failure after OOM-728 35909 merge
+* [`OOM-829 <https://jira.onap.org/browse/OOM-829>`_] - Can not make multicloud helm chart
+* [`OOM-830 <https://jira.onap.org/browse/OOM-830>`_] - Fix OOM build dependencies
+* [`OOM-835 <https://jira.onap.org/browse/OOM-835>`_] - CLAMP mariadb pv is pointing to a wrong location
+* [`OOM-836 <https://jira.onap.org/browse/OOM-836>`_] - champ and gizmo yaml validation issue
+* [`OOM-845 <https://jira.onap.org/browse/OOM-845>`_] - Global repository should not be set by default
+* [`OOM-846 <https://jira.onap.org/browse/OOM-846>`_] - Add liveness enabled fix to helm starter
+* [`OOM-847 <https://jira.onap.org/browse/OOM-847>`_] - log-elasticsearch external ports are not externally accessible
+* [`OOM-848 <https://jira.onap.org/browse/OOM-848>`_] - log-logstash logstash pipeline fails to start after oom standard config changes
+* [`OOM-851 <https://jira.onap.org/browse/OOM-851>`_] - sdc chart validation error
+* [`OOM-856 <https://jira.onap.org/browse/OOM-856>`_] - appc mysql fails deployment
+* [`OOM-858 <https://jira.onap.org/browse/OOM-858>`_] - Fail to deploy onap chart due to config map size
+* [`OOM-870 <https://jira.onap.org/browse/OOM-870>`_] - Missing CLAMP configuration
+* [`OOM-871 <https://jira.onap.org/browse/OOM-871>`_] - log kibana container fails to start after oom standard config changes
+* [`OOM-872 <https://jira.onap.org/browse/OOM-872>`_] - APPC-helm Still need config pod
+* [`OOM-873 <https://jira.onap.org/browse/OOM-873>`_] - OOM doc typo
+* [`OOM-874 <https://jira.onap.org/browse/OOM-874>`_] - Inconsistent repository references in ONAP charts
+* [`OOM-875 <https://jira.onap.org/browse/OOM-875>`_] - Cannot retrieve robot logs
+* [`OOM-876 <https://jira.onap.org/browse/OOM-876>`_] - Some containers ignore the repository setting
+* [`OOM-878 <https://jira.onap.org/browse/OOM-878>`_] - MySQL slave nodes don't deploy when mysql.replicaCount > 1
+* [`OOM-881 <https://jira.onap.org/browse/OOM-881>`_] - SDN-C Portal pod fails to come up
+* [`OOM-882 <https://jira.onap.org/browse/OOM-882>`_] - Some SDNC service names should be prefixed with the helm release name
+* [`OOM-884 <https://jira.onap.org/browse/OOM-884>`_] - VID-VID mariadb pv is pointing to a wrong location
+* [`OOM-885 <https://jira.onap.org/browse/OOM-885>`_] - Beijing oom component log messages missing in Elasticsearch
+* [`OOM-886 <https://jira.onap.org/browse/OOM-886>`_] - kube2msb not starting up
+* [`OOM-887 <https://jira.onap.org/browse/OOM-887>`_] - SDN-C db schema and sdnctl db user not reliably being created
+* [`OOM-888 <https://jira.onap.org/browse/OOM-888>`_] - aaf-cs mapping wrong
+* [`OOM-889 <https://jira.onap.org/browse/OOM-889>`_] - restore pv&pvc for mysql when NFS provisioner is disabled
+* [`OOM-898 <https://jira.onap.org/browse/OOM-898>`_] - Multicloud-framework config file is not volume-mounted
+* [`OOM-899 <https://jira.onap.org/browse/OOM-899>`_] - SDNC main pod does not come up
+* [`OOM-900 <https://jira.onap.org/browse/OOM-900>`_] - portal-cassandra missing pv and pvc
+* [`OOM-904 <https://jira.onap.org/browse/OOM-904>`_] - OOM problems bringing up components and passing healthchecks
+* [`OOM-905 <https://jira.onap.org/browse/OOM-905>`_] - Charts use nsPrefix instead of release namespace
+* [`OOM-906 <https://jira.onap.org/browse/OOM-906>`_] - Make all services independent of helm Release.Name
+* [`OOM-907 <https://jira.onap.org/browse/OOM-907>`_] - Make all persistent volume to be mapped to a location defined by helm Release.Name
+* [`OOM-908 <https://jira.onap.org/browse/OOM-908>`_] - Job portal-db-config fails due to missing image config
+* [`OOM-909 <https://jira.onap.org/browse/OOM-909>`_] - SO Health Check fails
+* [`OOM-910 <https://jira.onap.org/browse/OOM-910>`_] - VID Health Check fails
+* [`OOM-911 <https://jira.onap.org/browse/OOM-911>`_] - VFC Health Check fails for 9 components
+* [`OOM-912 <https://jira.onap.org/browse/OOM-912>`_] - Multicloud Health Check fails for 1 of its components
+* [`OOM-913 <https://jira.onap.org/browse/OOM-913>`_] - Consul agent pod is failing
+* [`OOM-916 <https://jira.onap.org/browse/OOM-916>`_] - Used to fix testing issues related to usability
+* [`OOM-918 <https://jira.onap.org/browse/OOM-918>`_] - Policy - incorrect configmap mount causes base.conf to disappear
+* [`OOM-920 <https://jira.onap.org/browse/OOM-920>`_] - Issue with CLAMP configuation
+* [`OOM-921 <https://jira.onap.org/browse/OOM-921>`_] - align onap/values.yaml and onap/resources/environments/dev.yaml - different /dockerdata-nfs
+* [`OOM-926 <https://jira.onap.org/browse/OOM-926>`_] - Disable clustering for APP-C out-of-the-box
+* [`OOM-927 <https://jira.onap.org/browse/OOM-927>`_] - Need a production grade configuration override file of ONAP deployment
+* [`OOM-928 <https://jira.onap.org/browse/OOM-928>`_] - Some charts use /dockerdata-nfs by default
+* [`OOM-929 <https://jira.onap.org/browse/OOM-929>`_] - DMaaP message router docker image fails to pull
+* [`OOM-930 <https://jira.onap.org/browse/OOM-930>`_] - New AAF Helm Charts required
+* [`OOM-931 <https://jira.onap.org/browse/OOM-931>`_] - Reintroduce VNC pod into OOM
+* [`OOM-932 <https://jira.onap.org/browse/OOM-932>`_] - Unblock integration testing
+* [`OOM-935 <https://jira.onap.org/browse/OOM-935>`_] - sdc-cassandra pod fails to delete using helm delete - forced kubectl delete
+* [`OOM-936 <https://jira.onap.org/browse/OOM-936>`_] - Readiness-check prob version is inconsistent across components
+* [`OOM-937 <https://jira.onap.org/browse/OOM-937>`_] - Portal Cassandra config map points to wrong directory
+* [`OOM-938 <https://jira.onap.org/browse/OOM-938>`_] - Can't install aai alone using helm
+* [`OOM-945 <https://jira.onap.org/browse/OOM-945>`_] - SDNC some bundles failing to start cleanly
+* [`OOM-948 <https://jira.onap.org/browse/OOM-948>`_] - make vfc got an error
+* [`OOM-951 <https://jira.onap.org/browse/OOM-951>`_] - Update APPC charts based on on changes for ccsdk and Nitrogen ODL
+* [`OOM-953 <https://jira.onap.org/browse/OOM-953>`_] - switch aai haproxy/hbase repo from hub.docker.com to nexus3
+* [`OOM-958 <https://jira.onap.org/browse/OOM-958>`_] - SDC-be deployment missing environment paramter
+* [`OOM-964 <https://jira.onap.org/browse/OOM-964>`_] - SDC Healthcheck failure on sdc-be and sdc-kb containers down
+* [`OOM-968 <https://jira.onap.org/browse/OOM-968>`_] - warning on default deployment values.yaml
+* [`OOM-969 <https://jira.onap.org/browse/OOM-969>`_] - oomk8s images have no Dockerfile's
+* [`OOM-971 <https://jira.onap.org/browse/OOM-971>`_] - Common service name template should allow for chart name override
+* [`OOM-974 <https://jira.onap.org/browse/OOM-974>`_] - Cassandra bootstrap is done incorrectly
+* [`OOM-977 <https://jira.onap.org/browse/OOM-977>`_] - The esr-gui annotations should include a "path" param when register to MSB
+* [`OOM-985 <https://jira.onap.org/browse/OOM-985>`_] - DMAAP Redis fails to start
+* [`OOM-986 <https://jira.onap.org/browse/OOM-986>`_] - SDC BE and FE logs are missing
+* [`OOM-989 <https://jira.onap.org/browse/OOM-989>`_] - Sync ete-k8.sh and ete.sh for new log file numbering
+* [`OOM-990 <https://jira.onap.org/browse/OOM-990>`_] - AUTO.json in SDC has unreachable addresses
+* [`OOM-993 <https://jira.onap.org/browse/OOM-993>`_] - AAI model-loader.properties not in sync with project file
+* [`OOM-994 <https://jira.onap.org/browse/OOM-994>`_] - DCAE cloudify controller docker image 1.1.0 N/A - use 1.2.0/1.3.0
+* [`OOM-1003 <https://jira.onap.org/browse/OOM-1003>`_] - dcae-cloudify-manager chart references obsolete image version
+* [`OOM-1004 <https://jira.onap.org/browse/OOM-1004>`_] - aai-resources constantly fails due to cassanda hostname
+* [`OOM-1005 <https://jira.onap.org/browse/OOM-1005>`_] - AAI Widgets not loading due to duplicate volumes
+* [`OOM-1007 <https://jira.onap.org/browse/OOM-1007>`_] - Update dcae robot health check config
+* [`OOM-1008 <https://jira.onap.org/browse/OOM-1008>`_] - Set default consul server replica count to 1
+* [`OOM-1010 <https://jira.onap.org/browse/OOM-1010>`_] - Fix broken property names in DCAE input files
+* [`OOM-1011 <https://jira.onap.org/browse/OOM-1011>`_] - Policy config correction after Service Name changes because of OOM-906
+* [`OOM-1013 <https://jira.onap.org/browse/OOM-1013>`_] - Update DCAE container versions
+* [`OOM-1014 <https://jira.onap.org/browse/OOM-1014>`_] - Portal login not working due to inconsistent zookeeper naming
+* [`OOM-1015 <https://jira.onap.org/browse/OOM-1015>`_] - Champ fails to start
+* [`OOM-1016 <https://jira.onap.org/browse/OOM-1016>`_] - DOC-OPS Review: Helm install command is wrong on oom_user_guide - missing namespace
+* [`OOM-1017 <https://jira.onap.org/browse/OOM-1017>`_] - DOC-OPS review: Docker/Kubernetes versions wrong for master in oom_cloud_setup_guide
+* [`OOM-1018 <https://jira.onap.org/browse/OOM-1018>`_] - DOC-OPS review: global repo override does not match git in oom quick start guide
+* [`OOM-1019 <https://jira.onap.org/browse/OOM-1019>`_] - DOC-OPS review: Add Ubuntu 16.04 reference to oom_user_guide to avoid 14/16 confusion
+* [`OOM-1021 <https://jira.onap.org/browse/OOM-1021>`_] - Update APPC resources for Nitrogen ODL
+* [`OOM-1022 <https://jira.onap.org/browse/OOM-1022>`_] - Fix SDC startup dependencies
+* [`OOM-1023 <https://jira.onap.org/browse/OOM-1023>`_] - "spring.datasource.cldsdb.url" in clamp has wrong clampdb name
+* [`OOM-1024 <https://jira.onap.org/browse/OOM-1024>`_] - Cassandra data not persisted
+* [`OOM-1033 <https://jira.onap.org/browse/OOM-1033>`_] - helm error during deployment 20180501:1900 - all builds under 2.7.2
+* [`OOM-1034 <https://jira.onap.org/browse/OOM-1034>`_] - VID Ports incorrect in deployment.yaml
+* [`OOM-1037 <https://jira.onap.org/browse/OOM-1037>`_] - Enable CLI health check
+* [`OOM-1039 <https://jira.onap.org/browse/OOM-1039>`_] - Service distribution to SO fails
+* [`OOM-1041 <https://jira.onap.org/browse/OOM-1041>`_] - aai-service was renamed, but old references remain
+* [`OOM-1042 <https://jira.onap.org/browse/OOM-1042>`_] - portalapps service was renamed, but old references remain
+* [`OOM-1045 <https://jira.onap.org/browse/OOM-1045>`_] - top level values.yaml missing entry for dmaap chart
+* [`OOM-1049 <https://jira.onap.org/browse/OOM-1049>`_] - SDNC_UEB_LISTENER db
+* [`OOM-1050 <https://jira.onap.org/browse/OOM-1050>`_] - Impossible to deploy consul using cache docker registry
+* [`OOM-1051 <https://jira.onap.org/browse/OOM-1051>`_] - Fix aaf deployment
+* [`OOM-1052 <https://jira.onap.org/browse/OOM-1052>`_] - SO cloud config file points to Rackspace cloud
+* [`OOM-1054 <https://jira.onap.org/browse/OOM-1054>`_] - Portal LoadBalancer Ingress IP is on the wrong network
+* [`OOM-1060 <https://jira.onap.org/browse/OOM-1060>`_] - Incorrect MR Kafka references prevent aai champ from starting
+* [`OOM-1061 <https://jira.onap.org/browse/OOM-1061>`_] - ConfigMap size limit exceeded
+* [`OOM-1064 <https://jira.onap.org/browse/OOM-1064>`_] - Improve docker registry secret management
+* [`OOM-1066 <https://jira.onap.org/browse/OOM-1066>`_] - Updating TOSCA blueprint to sync up with helm configuration changes (add dmaap and oof/delete message-router)
+* [`OOM-1068 <https://jira.onap.org/browse/OOM-1068>`_] - Update SO with new AAI cert
+* [`OOM-1076 <https://jira.onap.org/browse/OOM-1076>`_] - some charts still using readiness check image from amsterdam 1.x
+* [`OOM-1077 <https://jira.onap.org/browse/OOM-1077>`_] - AAI resources and traversal deployment failure on non-rancher envs
+* [`OOM-1079 <https://jira.onap.org/browse/OOM-1079>`_] - Robot charts dont allow over ride of pub_key, dcae_collector_ip and dcae_collector_port
+* [`OOM-1081 <https://jira.onap.org/browse/OOM-1081>`_] - Remove component 'mock' from TOSCA deployment
+* [`OOM-1082 <https://jira.onap.org/browse/OOM-1082>`_] - Wrong pv location of dcae postgres
+* [`OOM-1085 <https://jira.onap.org/browse/OOM-1085>`_] - appc hostname is incorrect in url
+* [`OOM-1086 <https://jira.onap.org/browse/OOM-1086>`_] - clamp deployment changes /dockerdata-nfs/ReleaseName dir permissions
+* [`OOM-1088 <https://jira.onap.org/browse/OOM-1088>`_] - APPC returns error for vCPE restart message from Policy
+* [`OOM-1089 <https://jira.onap.org/browse/OOM-1089>`_] - DCAE pods are not getting purged
+* [`OOM-1093 <https://jira.onap.org/browse/OOM-1093>`_] - Line wrapping issue in redis-cluster-config.sh script
+* [`OOM-1094 <https://jira.onap.org/browse/OOM-1094>`_] - Fix postgres startup
+* [`OOM-1095 <https://jira.onap.org/browse/OOM-1095>`_] - common makefile builds out of order
+* [`OOM-1096 <https://jira.onap.org/browse/OOM-1096>`_] - node port conflict SDNC (Geo enabled) & other charts
+* [`OOM-1097 <https://jira.onap.org/browse/OOM-1097>`_] - Nbi needs dep-nbi - crash on make all
+* [`OOM-1099 <https://jira.onap.org/browse/OOM-1099>`_] - Add External Interface NBI project into OOM TOSCA
+* [`OOM-1102 <https://jira.onap.org/browse/OOM-1102>`_] - Incorrect AAI services
+* [`OOM-1103 <https://jira.onap.org/browse/OOM-1103>`_] - Cannot disable NBI
+* [`OOM-1104 <https://jira.onap.org/browse/OOM-1104>`_] - Policy DROOLS configuration across container restarts
+* [`OOM-1110 <https://jira.onap.org/browse/OOM-1110>`_] - Clamp issue when connecting Policy
+* [`OOM-1111 <https://jira.onap.org/browse/OOM-1111>`_] - Please revert to using VNFSDK Postgres container
+* [`OOM-1114 <https://jira.onap.org/browse/OOM-1114>`_] - APPC is broken in latest helm chart
+* [`OOM-1115 <https://jira.onap.org/browse/OOM-1115>`_] - SDNC DGBuilder cant operate on DGs in database - need NodePort
+* [`OOM-1116 <https://jira.onap.org/browse/OOM-1116>`_] - Correct values needed by NBI chart
+* [`OOM-1124 <https://jira.onap.org/browse/OOM-1124>`_] - Update OOM APPC chart to enhance AAF support
+* [`OOM-1126 <https://jira.onap.org/browse/OOM-1126>`_] - Incorrect Port mapping between CDT Application and APPC main application
+* [`OOM-1127 <https://jira.onap.org/browse/OOM-1127>`_] - SO fails healthcheck
+* [`OOM-1128 <https://jira.onap.org/browse/OOM-1128>`_] - AAF CS fails to start in OpenLab
+
+Sub-task
+********
+
+* [`OOM-304 <https://jira.onap.org/browse/OOM-304>`_] - Service endpoint annotation for Data Router
+* [`OOM-306 <https://jira.onap.org/browse/OOM-306>`_] - Handle mariadb secrets
+* [`OOM-510 <https://jira.onap.org/browse/OOM-510>`_] - Increase vm.max_map_count to 262144 when running Rancher 1.6.11+ via helm 2.6+ - for elasticsearch log mem failure
+* [`OOM-512 <https://jira.onap.org/browse/OOM-512>`_] - Push the reviewed and merged ReadMe content to RTD
+* [`OOM-641 <https://jira.onap.org/browse/OOM-641>`_] - Segregating of configuration for SDNC-UEB component
+* [`OOM-655 <https://jira.onap.org/browse/OOM-655>`_] - Create alternate prepull script which provides more user feedback and logging
+* [`OOM-753 <https://jira.onap.org/browse/OOM-753>`_] - Create Helm Sub-Chart for SO's embedded mariadb
+* [`OOM-754 <https://jira.onap.org/browse/OOM-754>`_] - Create Helm Chart for SO
+* [`OOM-774 <https://jira.onap.org/browse/OOM-774>`_] - Create Helm Sub-Chart for APPC's embedded mySQL database
+* [`OOM-775 <https://jira.onap.org/browse/OOM-775>`_] - Create Helm Chart for APPC
+* [`OOM-778 <https://jira.onap.org/browse/OOM-778>`_] - Replace NFS Provisioner with configurable PV storage solution
+* [`OOM-825 <https://jira.onap.org/browse/OOM-825>`_] - Apache 2 License updation for All sqls and .js file
+* [`OOM-849 <https://jira.onap.org/browse/OOM-849>`_] - Policy Nexus component needs persistent volume for /sonatype-work
+* [`OOM-991 <https://jira.onap.org/browse/OOM-991>`_] - Adjust SDC-BE init job timing from 10 to 30s to avoid restarts on single node systems
+* [`OOM-1036 <https://jira.onap.org/browse/OOM-1036>`_] - update helm from 2.7.2 to 2.8.2 wiki/rtd
+* [`OOM-1063 <https://jira.onap.org/browse/OOM-1063>`_] - Document Portal LoadBalancer Ingress IP Settings
+
+**Security Notes**
+
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
+
+Quick Links:
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+
+
+
+End of Release Notes
diff --git a/docs/release-notes-casablanca.rst b/docs/release-notes-casablanca.rst
new file mode 100644
index 0000000000..f983c59c9d
--- /dev/null
+++ b/docs/release-notes-casablanca.rst
@@ -0,0 +1,76 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International
+.. License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights
+.. reserved.
+.. _release_notes_casablanca:
+
+ONAP Operations Manager Release Notes
+=====================================
+
+Version 3.0.0 Casablanca Release
+--------------------------------
+
+:Release Date: 2018-11-30
+
+**Previous Release Notes**
+
+- :ref:`Beijing <release_notes_beijing>`
+- :ref:`Amsterdam <release_notes_amsterdam>`
+
+Summary
+-------
+
+The focus of this release was on incremental improvements in the following
+areas:
+
+* Pluggable persistent storage with support for GlusterFS as the first storage
+ class provisioner
+
+* CPU and Memory limits in Helm Charts to improve Pod placement based on
+ resource availablity in Kubernetes Cluster
+
+* Support of Node Selectors for Pod placement
+
+* Common "shared" Helm Charts referencing common images
+
+ - mariadb-galera
+ - postgres
+ - cassandra
+ - mysql
+ - mongo
+
+* Integration of ARK Backup and Restore solution
+
+* Introduction of Helm deploy and undeploy plugins to better manage ONAP
+ deployments
+
+
+**Security Notes**
+
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
+
+Quick Links:
+
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+
+
+**Known Issues**
+
+ * **Problem**: kubectl connections to pods (kubectl exec|logs) will
+ fail after a while due to a known bug in Kubernetes (1.11.2)
+
+ **Workaround**: Restart of the kubelet daemons on the k8s hosts
+
+ **Fix**: Will be delivered in the next release via a new
+ Kubernetes version (1.12)
+
+ - `K8S Bug Report <https://github.com/kubernetes/kubernetes/issues/67659>`_
+ - `OOM-1532 <https://jira.onap.org/browse/OOM-1532>`_
+ - `OOM-1516 <https://jira.onap.org/browse/OOM-1516>`_
+ - `OOM-1520 <https://jira.onap.org/browse/OOM-1520>`_
+
+End of Release Notes
diff --git a/docs/release-notes-dublin.rst b/docs/release-notes-dublin.rst
new file mode 100644
index 0000000000..6201f56350
--- /dev/null
+++ b/docs/release-notes-dublin.rst
@@ -0,0 +1,79 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International
+.. License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights
+.. reserved.
+.. _release_notes_dublin:
+
+ONAP Operations Manager Release Notes
+=====================================
+
+Version 4.0.0 (Dublin Release)
+------------------------------
+
+:Release Date: 2019-06-26
+
+**Previous Release Notes**
+
+- :ref:`Casablanca <release_notes_casablanca>`
+- :ref:`Beijing <release_notes_beijing>`
+- :ref:`Amsterdam <release_notes_amsterdam>`
+
+
+Summary
+-------
+
+**Platform Resiliency**
+
+* Documenation of a Highly-Available Kubernetes Cluster Deployment
+* Availability of a Default Storage Class Provisioner for improved Persistent Storage resiliency
+* Availability of a CNI reference integration for Multi-site support
+
+ * applications can take advantage of multi-site by using POD and/or Node (anti)affinity, taints/tolerations, labels per application
+
+**Footprint Optimization**
+
+* Shared MariaDB-Galera Cluster - current clients in Dublin: SO, SDNC
+* Shared Cassandra Cluster - current clients in Dublin: AAI, SDC
+* Optional deployment of independent clusters (backward compatibility)
+
+**Platform Upgradability**
+
+* Introduction of an Upgrade Framework supporting:
+
+ * Automated rolling upgrades for applications
+ * In-place schema and data migrations
+ * Blue-Green deployment environment migration (e.g. Pre-prod to Prod)
+ * Upgrades from embedded database instance into shared database instance
+
+* Release-to-release upgrade support delivered for the following projects
+
+ * A&AI
+ * SDNC
+ * SO
+
+**Security Notes**
+
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
+* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
+
+*Known Vulnerabilities in Used Modules*
+
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
+
+Quick Links:
+
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+
+
+**Known Issues**
+
+End of Release Notes
diff --git a/docs/release-notes-elalto.rst b/docs/release-notes-elalto.rst
new file mode 100644
index 0000000000..f23751d0ed
--- /dev/null
+++ b/docs/release-notes-elalto.rst
@@ -0,0 +1,81 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International
+.. License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights
+.. reserved.
+.. _release_notes_elalto:
+
+ONAP Operations Manager Release Notes
+=====================================
+
+Version 5.0.1 (El Alto Release)
+-------------------------------
+
+:Release Date: 2019-10-10
+
+**Previous Release Notes**
+
+- :ref:`Dublin <release_notes_dublin>`
+- :ref:`Casablanca <release_notes_casablanca>`
+- :ref:`Beijing <release_notes_beijing>`
+- :ref:`Amsterdam <release_notes_amsterdam>`
+
+
+Summary
+-------
+
+The focus of this release was on maintanence and as such no new features were delivered.
+A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10726
+
+**New Features**
+
+**Bug Fixes**
+
+* 25 defects addressed (see link above)
+
+**Known Issues**
+
+The following known issues will be addressed in a future release:
+
+* [`OOM-1480 <https://jira.onap.org/browse/OOM-1480>`_] - postgres chart does not set root password when installing on an existing database instances
+* [`OOM-1966 <https://jira.onap.org/browse/OOM-1966>`_] - ONAP on HA Kubernetes Cluster - Documentation update
+* [`OOM-1995 <https://jira.onap.org/browse/OOM-1995>`_] - Mariadb Galera cluster pods keep failing
+* [`OOM-2061 <https://jira.onap.org/browse/OOM-2061>`_] - Details Missing for installing the kubectl section
+* [`OOM-2075 <https://jira.onap.org/browse/OOM-2075>`_] - Invalid MTU for Canal CNI interfaces
+* [`OOM-2080 <https://jira.onap.org/browse/OOM-2080>`_] - Need for "ReadWriteMany" access on storage when deploying on Kubernetes?
+* [`OOM-2091 <https://jira.onap.org/browse/OOM-2091>`_] - incorrect release deployed
+* [`OOM-2132 <https://jira.onap.org/browse/OOM-2132>`_] - Common Galera server.cnf does not contain Camunda required settings
+
+**Security Notes**
+
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
+* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
+
+*Known Vulnerabilities in Used Modules*
+
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
+
+Quick Links:
+
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+
+
+Version 5.0.0 (El Alto Early Drop)
+----------------------------------
+
+:Release Date: 2019-08-19
+
+Summary
+-------
+
+**Software Requirements**
+
+* Upgraded to Kubernetes 1.15.x and Helm 1.14.x
diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 41e42b5cc4..5570d4d722 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -1,724 +1,164 @@
-.. This work is licensed under a Creative Commons Attribution 4.0 International
-.. License.
+.. This work is licensed under a Creative Commons Attribution 4.0
+ International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights
-.. reserved.
+.. (c) ONAP Project and its contributors
.. _release_notes:
+*************************************
ONAP Operations Manager Release Notes
-=====================================
+*************************************
-Version 6.0.0 (Frankfurt Release)
----------------------------------
+Previous Release Notes
+======================
-:Release Date: 2020-xx-xx
+- :ref:`El Alto <release_notes_elalto>`
+- :ref:`Dublin <release_notes_dublin>`
+- :ref:`Casablanca <release_notes_casablanca>`
+- :ref:`Beijing <release_notes_beijing>`
+- :ref:`Amsterdam <release_notes_amsterdam>`
-Summary
--------
-
-The focus of this release is to strengthen the foundation of OOM installer.
-A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10826
-
-**Software Requirements**
+Abstract
+========
-* Upgraded to Kubernetes 1.15.x and Helm 2.16.x
+This document provides the release notes for the Frankfurt release.
-**Hardcoded Password removal**
+Summary
+=======
-* All mariadb galera password are not hardcoded
+The focus of this release is to strengthen the foundation of OOM installer.
-**New Features**
+Release Data
+============
+
++--------------------------------------+--------------------------------------+
+| **Project** | OOM |
+| | |
++--------------------------------------+--------------------------------------+
+| **Docker images** | N/A |
+| | |
++--------------------------------------+--------------------------------------+
+| **Release designation** | Frankfurt |
+| | |
++--------------------------------------+--------------------------------------+
+| **Release date** | 2020/06/15 |
+| | |
++--------------------------------------+--------------------------------------+
+
+New features
+------------
* Ingress deployment is getting more and more usable
* Use of dynamic Persistent Volume is available
-**Bug Fixes**
-
-**Known Issues**
-
-The following known issues will be addressed in a future release:
-
-* [`OOM-2075 <https://jira.onap.org/browse/OOM-2075>`_] - https://jira.onap.org/browse/OOM-2075
-
-**Security Notes**
-
-*Fixed Security Issues*
-
-* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
-* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
-
-*Known Security Issues*
-
-* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+**Bug fixes**
-*Known Vulnerabilities in Used Modules*
-
-OOM code has been formally scanned during build time using NexusIQ and no
-Critical vulnerability was found.
-
-Quick Links:
-
- - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
-
- - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
-
-
-Version 5.0.1 (El Alto Release)
--------------------------------
-
-:Release Date: 2019-10-10
-
-Summary
--------
-
-The focus of this release was on maintanence and as such no new features were delivered.
-A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10726
-
-**New Features**
-
-**Bug Fixes**
-
-* 25 defects addressed (see link above)
+A list of issues resolved in this release can be found here:
+https://jira.onap.org/projects/OOM/versions/10826
**Known Issues**
-The following known issues will be addressed in a future release:
-
-* [`OOM-1480 <https://jira.onap.org/browse/OOM-1480>`_] - postgres chart does not set root password when installing on an existing database instances
-* [`OOM-1966 <https://jira.onap.org/browse/OOM-1966>`_] - ONAP on HA Kubernetes Cluster - Documentation update
-* [`OOM-1995 <https://jira.onap.org/browse/OOM-1995>`_] - Mariadb Galera cluster pods keep failing
-* [`OOM-2061 <https://jira.onap.org/browse/OOM-2061>`_] - Details Missing for installing the kubectl section
-* [`OOM-2075 <https://jira.onap.org/browse/OOM-2075>`_] - Invalid MTU for Canal CNI interfaces
-* [`OOM-2080 <https://jira.onap.org/browse/OOM-2080>`_] - Need for "ReadWriteMany" access on storage when deploying on Kubernetes?
-* [`OOM-2091 <https://jira.onap.org/browse/OOM-2091>`_] - incorrect release deployed
-* [`OOM-2132 <https://jira.onap.org/browse/OOM-2132>`_] - Common Galera server.cnf does not contain Camunda required settings
-
-**Security Notes**
-
-*Fixed Security Issues*
-
-*Known Security Issues*
-
-* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
-* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
-* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
-
-*Known Vulnerabilities in Used Modules*
-
-OOM code has been formally scanned during build time using NexusIQ and no
-Critical vulnerability was found.
-
-Quick Links:
-
- - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
-
- - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
-
-
-Version 5.0.0 (El Alto Early Drop)
-----------------------------------
-
-:Release Date: 2019-08-19
-
-Summary
--------
-
-**Software Requirements**
-
-* Upgraded to Kubernetes 1.15.x and Helm 1.14.x
-
-
-Version 4.0.0 (Dublin Release)
-------------------------------
-
-:Release Date: 2019-06-26
-
-Summary
--------
-
-**Platform Resiliency**
-
-* Documenation of a Highly-Available Kubernetes Cluster Deployment
-* Availability of a Default Storage Class Provisioner for improved Persistent Storage resiliency
-* Availability of a CNI reference integration for Multi-site support
-
- * applications can take advantage of multi-site by using POD and/or Node (anti)affinity, taints/tolerations, labels per application
-
-**Footprint Optimization**
-
-* Shared MariaDB-Galera Cluster - current clients in Dublin: SO, SDNC
-* Shared Cassandra Cluster - current clients in Dublin: AAI, SDC
-* Optional deployment of independent clusters (backward compatibility)
-
-**Platform Upgradability**
-
-* Introduction of an Upgrade Framework supporting:
-
- * Automated rolling upgrades for applications
- * In-place schema and data migrations
- * Blue-Green deployment environment migration (e.g. Pre-prod to Prod)
- * Upgrades from embedded database instance into shared database instance
-
-* Release-to-release upgrade support delivered for the following projects
-
- * A&AI
- * SDNC
- * SO
-
-**Security Notes**
-
-*Fixed Security Issues*
-
-*Known Security Issues*
-
-* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
-* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
-* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
-
-*Known Vulnerabilities in Used Modules*
-
-OOM code has been formally scanned during build time using NexusIQ and no
-Critical vulnerability was found.
-
-Quick Links:
-
- - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
-
- - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
-
-
-**Known Issues**
-
-
-
-Version 3.0.0 Casablanca Release
---------------------------------
-
-:Release Date: 2018-11-30
-
-Summary
--------
-
-The focus of this release was on incremental improvements in the following
-areas:
-
-* Pluggable persistent storage with support for GlusterFS as the first storage
- class provisioner
-
-* CPU and Memory limits in Helm Charts to improve Pod placement based on
- resource availablity in Kubernetes Cluster
-
-* Support of Node Selectors for Pod placement
-
-* Common "shared" Helm Charts referencing common images
-
- - mariadb-galera
- - postgres
- - cassandra
- - mysql
- - mongo
-
-* Integration of ARK Backup and Restore solution
-
-* Introduction of Helm deploy and undeploy plugins to better manage ONAP
- deployments
-
-
-**Security Notes**
-
-OOM code has been formally scanned during build time using NexusIQ and no
-Critical vulnerability was found.
-
-Quick Links:
-
- - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
-
- - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
-
-
-**Known Issues**
-
- * **Problem**: kubectl connections to pods (kubectl exec|logs) will
- fail after a while due to a known bug in Kubernetes (1.11.2)
-
- **Workaround**: Restart of the kubelet daemons on the k8s hosts
-
- **Fix**: Will be delivered in the next release via a new
- Kubernetes version (1.12)
-
- - `K8S Bug Report <https://github.com/kubernetes/kubernetes/issues/67659>`_
- - `OOM-1532 <https://jira.onap.org/browse/OOM-1532>`_
- - `OOM-1516 <https://jira.onap.org/browse/OOM-1516>`_
- - `OOM-1520 <https://jira.onap.org/browse/OOM-1520>`_
-
-
-Version 2.0.0 Beijing Release
------------------------------
-
-:Release Date: 2018-06-07
-
-Epic
-****
-
-* [`OOM-6 <https://jira.onap.org/browse/OOM-6>`_] - Automated platform deployment on Docker/Kubernetes
-* [`OOM-7 <https://jira.onap.org/browse/OOM-7>`_] - Platform monitoring and auto-healing
-* [`OOM-8 <https://jira.onap.org/browse/OOM-8>`_] - Automated platform scalability
-* [`OOM-9 <https://jira.onap.org/browse/OOM-9>`_] - Platform upgradability & rollbacks
-* [`OOM-10 <https://jira.onap.org/browse/OOM-10>`_] - Platform configuration management
-* [`OOM-46 <https://jira.onap.org/browse/OOM-46>`_] - Platform infrastructure deployment with TOSCA
-* [`OOM-109 <https://jira.onap.org/browse/OOM-109>`_] - Platform Centralized Logging
-* [`OOM-138 <https://jira.onap.org/browse/OOM-138>`_] - Using Optimization framework
-* [`OOM-346 <https://jira.onap.org/browse/OOM-346>`_] - Platform Resiliency (including Recoverability, High-Availability, Backup/Restore, Geo-Redundancy)
-* [`OOM-376 <https://jira.onap.org/browse/OOM-376>`_] - ONAP deployment options standardization
-* [`OOM-486 <https://jira.onap.org/browse/OOM-486>`_] - HELM upgrade from 2.3 to 2.8.0
-* [`OOM-535 <https://jira.onap.org/browse/OOM-535>`_] - Upgrade Kubernetes from 1.8.6 to 1.9.2
-* [`OOM-590 <https://jira.onap.org/browse/OOM-590>`_] - OOM Wiki documentation of deployment options
-
-Story
-*****
-
-* [`OOM-11 <https://jira.onap.org/browse/OOM-11>`_] - Add AAF containers to ONAP Kubernetes
-* [`OOM-13 <https://jira.onap.org/browse/OOM-13>`_] - Add CLI containers to ONAP Kubernetes
-* [`OOM-15 <https://jira.onap.org/browse/OOM-15>`_] - Add DMAAP containers to ONAP Kubernetes
-* [`OOM-20 <https://jira.onap.org/browse/OOM-20>`_] - State Monitoring: MSO/mso
-* [`OOM-21 <https://jira.onap.org/browse/OOM-21>`_] - State Monitoring: A&AI/aai-service
-* [`OOM-22 <https://jira.onap.org/browse/OOM-22>`_] - State Monitoring: SDNC/sdc-be
-* [`OOM-24 <https://jira.onap.org/browse/OOM-24>`_] - State Monitoring: message-router
-* [`OOM-25 <https://jira.onap.org/browse/OOM-25>`_] - State Monitoring: MSB
-* [`OOM-29 <https://jira.onap.org/browse/OOM-29>`_] - State Monitoring: VID
-* [`OOM-31 <https://jira.onap.org/browse/OOM-31>`_] - State Monitoring: APPC/dbhost
-* [`OOM-32 <https://jira.onap.org/browse/OOM-32>`_] - State Monitoring: VFC
-* [`OOM-33 <https://jira.onap.org/browse/OOM-33>`_] - State Monitoring: Multi-VIM
-* [`OOM-34 <https://jira.onap.org/browse/OOM-34>`_] - Auto-Restart on failure: ...
-* [`OOM-35 <https://jira.onap.org/browse/OOM-35>`_] - State Monitoring: A&AI/hbase
-* [`OOM-36 <https://jira.onap.org/browse/OOM-36>`_] - State Monitoring: A&AI/model-loader-service
-* [`OOM-37 <https://jira.onap.org/browse/OOM-37>`_] - State Monitoring: APPC/dgbuilder
-* [`OOM-38 <https://jira.onap.org/browse/OOM-38>`_] - State Monitoring: APPC/sdnctldb01
-* [`OOM-39 <https://jira.onap.org/browse/OOM-39>`_] - State Monitoring: APPC/sdnctldb02
-* [`OOM-40 <https://jira.onap.org/browse/OOM-40>`_] - State Monitoring: APPC/sdnhost
-* [`OOM-41 <https://jira.onap.org/browse/OOM-41>`_] - State Monitoring: MSO/mariadb
-* [`OOM-42 <https://jira.onap.org/browse/OOM-42>`_] - State Monitoring: SDNC/dbhost
-* [`OOM-43 <https://jira.onap.org/browse/OOM-43>`_] - State Monitoring: SDNC/sdnc-dgbuilder
-* [`OOM-44 <https://jira.onap.org/browse/OOM-44>`_] - State Monitoring: SDNC/sdnc-portal
-* [`OOM-45 <https://jira.onap.org/browse/OOM-45>`_] - State Monitoring: SDNC/sdnctldb01
-* [`OOM-51 <https://jira.onap.org/browse/OOM-51>`_] - OOM ONAP Configuration Management - Externalize hardwired values
-* [`OOM-52 <https://jira.onap.org/browse/OOM-52>`_] - OOM ONAP Configuration Management - Parameterization of docker images
-* [`OOM-53 <https://jira.onap.org/browse/OOM-53>`_] - OOM ONAP Configuration Management - Parameterization for Sizing
-* [`OOM-63 <https://jira.onap.org/browse/OOM-63>`_] - Kubernetes cluster created by TOSCA description
-* [`OOM-85 <https://jira.onap.org/browse/OOM-85>`_] - Test the code in the "Lab" project environment
-* [`OOM-86 <https://jira.onap.org/browse/OOM-86>`_] - Monitoring the health status of ONAP components
-* [`OOM-87 <https://jira.onap.org/browse/OOM-87>`_] - Configure TOSCA description via dashboard
-* [`OOM-88 <https://jira.onap.org/browse/OOM-88>`_] - Deploy Holmes on K8S cluster by TOSCA description
-* [`OOM-89 <https://jira.onap.org/browse/OOM-89>`_] - Deploy CLAMP on K8S cluster by TOSCA description
-* [`OOM-91 <https://jira.onap.org/browse/OOM-91>`_] - Deploy MSB on K8S cluster by TOSCA description
-* [`OOM-92 <https://jira.onap.org/browse/OOM-92>`_] - Deploy AAF on K8S cluster by TOSCA description
-* [`OOM-93 <https://jira.onap.org/browse/OOM-93>`_] - Deploy VF-C on K8S cluster by TOSCA description
-* [`OOM-94 <https://jira.onap.org/browse/OOM-94>`_] - Deploy Multi-VIM on K8S cluster by TOSCA description
-* [`OOM-95 <https://jira.onap.org/browse/OOM-95>`_] - Deploy DCAEGen2 on K8S cluster by TOSCA description
-* [`OOM-96 <https://jira.onap.org/browse/OOM-96>`_] - Deploy AAI on K8S cluster by TOSCA description
-* [`OOM-97 <https://jira.onap.org/browse/OOM-97>`_] - Deploy APPC on K8S cluster by TOSCA description
-* [`OOM-98 <https://jira.onap.org/browse/OOM-98>`_] - Deploy MSO on K8S cluster by TOSCA description
-* [`OOM-99 <https://jira.onap.org/browse/OOM-99>`_] - Deploy Policy on K8S cluster by TOSCA description
-* [`OOM-100 <https://jira.onap.org/browse/OOM-100>`_] - Deploy SDC on K8S cluster by TOSCA description
-* [`OOM-102 <https://jira.onap.org/browse/OOM-102>`_] - Deploy VID on K8S cluster by TOSCA description
-* [`OOM-110 <https://jira.onap.org/browse/OOM-110>`_] - OOM ONAP Logging - Elastic Stack components deployment
-* [`OOM-111 <https://jira.onap.org/browse/OOM-111>`_] - OOM ONAP Logging - FileBeat deployment aside ONAP components
-* [`OOM-112 <https://jira.onap.org/browse/OOM-112>`_] - OOM ONAP Logging - Configuration of all ONAP components to emit canonical logs
-* [`OOM-116 <https://jira.onap.org/browse/OOM-116>`_] - ignore intellj files
-* [`OOM-145 <https://jira.onap.org/browse/OOM-145>`_] - update directory path from dockerdata-nfs to configured directory name (make it configurable)
-* [`OOM-235 <https://jira.onap.org/browse/OOM-235>`_] - Service endpoint annotation for Usecase UI
-* [`OOM-242 <https://jira.onap.org/browse/OOM-242>`_] - Modify DCAE seed for Helm
-* [`OOM-262 <https://jira.onap.org/browse/OOM-262>`_] - Remove "oneclick" kubectl scripts.
-* [`OOM-265 <https://jira.onap.org/browse/OOM-265>`_] - Top level helm chart for ONAP
-* [`OOM-268 <https://jira.onap.org/browse/OOM-268>`_] - Persist and externalize database directories via persistent volumes
-* [`OOM-271 <https://jira.onap.org/browse/OOM-271>`_] - Copy app config files from source
-* [`OOM-272 <https://jira.onap.org/browse/OOM-272>`_] - Set application environment variables from source
-* [`OOM-277 <https://jira.onap.org/browse/OOM-277>`_] - add automatic ONAP config parameter substitution
-* [`OOM-280 <https://jira.onap.org/browse/OOM-280>`_] - MSB automatically re-synch service data on restart.
-* [`OOM-292 <https://jira.onap.org/browse/OOM-292>`_] - Expose LOG Volume via /dockerdata-nfs
-* [`OOM-293 <https://jira.onap.org/browse/OOM-293>`_] - OOM ONAP Configuration Management - Handling of Secrets
-* [`OOM-298 <https://jira.onap.org/browse/OOM-298>`_] - Provide script to cleanup configuration data created by createConfig.sh
-* [`OOM-322 <https://jira.onap.org/browse/OOM-322>`_] - Clean-up config files that are generated at system startup
-* [`OOM-341 <https://jira.onap.org/browse/OOM-341>`_] - Provide an example of a partial deployment of ONAP components (e.g. no VFC)
-* [`OOM-342 <https://jira.onap.org/browse/OOM-342>`_] - Add pointer to Wiki page on the readme file.
-* [`OOM-344 <https://jira.onap.org/browse/OOM-344>`_] - Break the configuration tarball per appplication
-* [`OOM-345 <https://jira.onap.org/browse/OOM-345>`_] - Re-validate # of containers and configuration for DCAEgen2
-* [`OOM-356 <https://jira.onap.org/browse/OOM-356>`_] - Add 'Usecase UI' containers to ONAP Kubernetes
-* [`OOM-359 <https://jira.onap.org/browse/OOM-359>`_] - SDC logback chef failure
-* [`OOM-375 <https://jira.onap.org/browse/OOM-375>`_] - F2F: ONAP/OOM for Developers
-* [`OOM-382 <https://jira.onap.org/browse/OOM-382>`_] - Robot Version 1.1 OpenO tests
-* [`OOM-406 <https://jira.onap.org/browse/OOM-406>`_] - In Kubernetes 1.8, the annotations are no longer supported and must be converted to the PodSpec field.
-* [`OOM-457 <https://jira.onap.org/browse/OOM-457>`_] - In Kubernetes 1.8, init-container annotations to be converted to PodSpec field for aaf, clamp and vfc
-* [`OOM-460 <https://jira.onap.org/browse/OOM-460>`_] - Segregating configuration of ONAP components
-* [`OOM-476 <https://jira.onap.org/browse/OOM-476>`_] - Parameterize values.yaml docker image repos into global config variables
-* [`OOM-528 <https://jira.onap.org/browse/OOM-528>`_] - Confirm k8s context with a prompt for deleteAll.bash
-* [`OOM-534 <https://jira.onap.org/browse/OOM-534>`_] - Need to provide support for creating different sized OOM deployments
-* [`OOM-546 <https://jira.onap.org/browse/OOM-546>`_] - Provide option to collect ONAP env details for issue investigations
-* [`OOM-569 <https://jira.onap.org/browse/OOM-569>`_] - Investigate containerizing Cloudify Manager
-* [`OOM-579 <https://jira.onap.org/browse/OOM-579>`_] - Document a Cloudify deployment of OOM Beijing
-* [`OOM-633 <https://jira.onap.org/browse/OOM-633>`_] - Provide direct access to ONAP Portal without the need to use VNC
-* [`OOM-677 <https://jira.onap.org/browse/OOM-677>`_] - Update all source code files with the Apache 2 License header
-* [`OOM-678 <https://jira.onap.org/browse/OOM-678>`_] - Enforce MSB dockers dependencies using init-container
-* [`OOM-681 <https://jira.onap.org/browse/OOM-681>`_] - updating docker images/components to latest code
-* [`OOM-682 <https://jira.onap.org/browse/OOM-682>`_] - deployment of sdc workflow designer
-* [`OOM-695 <https://jira.onap.org/browse/OOM-695>`_] - Improve Readiness-check prob
-* [`OOM-722 <https://jira.onap.org/browse/OOM-722>`_] - OOM - Run all ONAP components in one namespace
-* [`OOM-725 <https://jira.onap.org/browse/OOM-725>`_] - Use Blueprint to install Helm and k8s dashboard while creating k8s cluster
-* [`OOM-727 <https://jira.onap.org/browse/OOM-727>`_] - Add Standardized Configuration to SO
-* [`OOM-728 <https://jira.onap.org/browse/OOM-728>`_] - Add Standardized Configuration to ROBOT
-* [`OOM-729 <https://jira.onap.org/browse/OOM-729>`_] - Add Standardized Configuration to VID
-* [`OOM-730 <https://jira.onap.org/browse/OOM-730>`_] - Add Standardized Configuration to Consul
-* [`OOM-731 <https://jira.onap.org/browse/OOM-731>`_] - Add Standardized Configuration to DMaaP Message Router
-* [`OOM-732 <https://jira.onap.org/browse/OOM-732>`_] - Add Standardized Configuration to AAF
-* [`OOM-733 <https://jira.onap.org/browse/OOM-733>`_] - Add Standardized Configuration to APPC
-* [`OOM-734 <https://jira.onap.org/browse/OOM-734>`_] - Add Standardized Configuration to AAI
-* [`OOM-735 <https://jira.onap.org/browse/OOM-735>`_] - Add Standardized Configuration to CLAMP
-* [`OOM-736 <https://jira.onap.org/browse/OOM-736>`_] - Add Standardized Configuration to CLI
-* [`OOM-737 <https://jira.onap.org/browse/OOM-737>`_] - Add Standardized Configuration to DCAEGEN2
-* [`OOM-738 <https://jira.onap.org/browse/OOM-738>`_] - Add Standardized Configuration to ESR
-* [`OOM-739 <https://jira.onap.org/browse/OOM-739>`_] - Add Standardized Configuration to KUBE2MSB
-* [`OOM-740 <https://jira.onap.org/browse/OOM-740>`_] - Add Standardized Configuration to LOG
-* [`OOM-742 <https://jira.onap.org/browse/OOM-742>`_] - Add Standardized Configuration to MSB
-* [`OOM-743 <https://jira.onap.org/browse/OOM-743>`_] - Replace deprecated MSO Helm Chart with Standardized SO Helm Chart
-* [`OOM-744 <https://jira.onap.org/browse/OOM-744>`_] - Add Standardized Configuration to MULTICLOUD
-* [`OOM-746 <https://jira.onap.org/browse/OOM-746>`_] - Add Standardized Configuration to PORTAL
-* [`OOM-747 <https://jira.onap.org/browse/OOM-747>`_] - Add Standardized Configuration to SDC
-* [`OOM-748 <https://jira.onap.org/browse/OOM-748>`_] - Add Standardized Configuration to SDNC
-* [`OOM-749 <https://jira.onap.org/browse/OOM-749>`_] - Add Standardized Configuration to UUI
-* [`OOM-750 <https://jira.onap.org/browse/OOM-750>`_] - Add Standardized Configuration to VFC
-* [`OOM-751 <https://jira.onap.org/browse/OOM-751>`_] - Add Standardized Configuration to VNFSDK
-* [`OOM-758 <https://jira.onap.org/browse/OOM-758>`_] - Common Mariadb Galera Helm Chart to be reused by many applications
-* [`OOM-771 <https://jira.onap.org/browse/OOM-771>`_] - OOM - update master with new policy db deployment
-* [`OOM-777 <https://jira.onap.org/browse/OOM-777>`_] - Add Standardized Configuration Helm Starter Chart
-* [`OOM-779 <https://jira.onap.org/browse/OOM-779>`_] - OOM APPC ODL (MDSAL) persistent storage
-* [`OOM-780 <https://jira.onap.org/browse/OOM-780>`_] - Update MSO to latest working version.
-* [`OOM-786 <https://jira.onap.org/browse/OOM-786>`_] - Re-add support for multiple instances of ONAP
-* [`OOM-788 <https://jira.onap.org/browse/OOM-788>`_] - Abstract docker secrets
-* [`OOM-789 <https://jira.onap.org/browse/OOM-789>`_] - Abstract cluster role binding
-* [`OOM-811 <https://jira.onap.org/browse/OOM-811>`_] - Make kube2msb use secret instead of passing token as environment variable
-* [`OOM-822 <https://jira.onap.org/browse/OOM-822>`_] - Update Documentation for the Beijing Release
-* [`OOM-823 <https://jira.onap.org/browse/OOM-823>`_] - Add CDT image to APPC chart
-* [`OOM-827 <https://jira.onap.org/browse/OOM-827>`_] - Add quick start documentation README
-* [`OOM-828 <https://jira.onap.org/browse/OOM-828>`_] - Remove oneclick scripts
-* [`OOM-857 <https://jira.onap.org/browse/OOM-857>`_] - kube2msb fails to start
-* [`OOM-914 <https://jira.onap.org/browse/OOM-914>`_] - Add LOG component robot healthcheck
-* [`OOM-960 <https://jira.onap.org/browse/OOM-960>`_] - OOM Healthcheck lockdown - currently 32/39 : 20180421
-* [`OOM-979 <https://jira.onap.org/browse/OOM-979>`_] - Enhance OOM TOSCA solution to support standardized Helm Chart
-* [`OOM-1006 <https://jira.onap.org/browse/OOM-1006>`_] - VNFSDK healthcheck fails
-* [`OOM-1073 <https://jira.onap.org/browse/OOM-1073>`_] - Change the Repository location in the image oomk8s/config-init:2.0.0-SNAPSHOT
-* [`OOM-1078 <https://jira.onap.org/browse/OOM-1078>`_] - Update Kubectl, docker, helm version
-
-Task
-****
-
-* [`OOM-57 <https://jira.onap.org/browse/OOM-57>`_] - Agree on configuration contract/YAML with each of the project teams
-* [`OOM-105 <https://jira.onap.org/browse/OOM-105>`_] - TOSCA based orchestration demo
-* [`OOM-257 <https://jira.onap.org/browse/OOM-257>`_] - DevOps: OOM config reset procedure for new /dockerdata-nfs content
-* [`OOM-305 <https://jira.onap.org/browse/OOM-305>`_] - Rename MSO to SO in OOM
-* [`OOM-332 <https://jira.onap.org/browse/OOM-332>`_] - Add AAI filebeat container - blocked by LOG-67
-* [`OOM-428 <https://jira.onap.org/browse/OOM-428>`_] - Add log container healthcheck to mark failed creations - see OOM-427
-* [`OOM-429 <https://jira.onap.org/browse/OOM-429>`_] - DOC: Document HELM server version 2.7.2 required for tpl usage
-* [`OOM-489 <https://jira.onap.org/browse/OOM-489>`_] - Update values.yaml files for tag name changes for docker images and versions.
-* [`OOM-543 <https://jira.onap.org/browse/OOM-543>`_] - SDNC adjust docker pullPolicy to IfNotPresent to speed up initial deployment slowdown introduced by SDNC-163
-* [`OOM-604 <https://jira.onap.org/browse/OOM-604>`_] - Update OOM and HEAT AAI sparky master from v1.1.0 to v1.1.1 - match INT-288
-* [`OOM-614 <https://jira.onap.org/browse/OOM-614>`_] - SDC, SDNC, AAI Healthcheck failures last 12 hours 20180124:1100EST
-* [`OOM-624 <https://jira.onap.org/browse/OOM-624>`_] - CII security badging: cleartext password for keystone and docker repo creds
-* [`OOM-726 <https://jira.onap.org/browse/OOM-726>`_] - Mirror AAI docker version changes into OOM from AAI-791
-* [`OOM-772 <https://jira.onap.org/browse/OOM-772>`_] - Remove old DCAE from Release
-* [`OOM-801 <https://jira.onap.org/browse/OOM-801>`_] - Policy docker images rename - key off new name in POLICY-674
-* [`OOM-810 <https://jira.onap.org/browse/OOM-810>`_] - Improve emsdriver code
-* [`OOM-819 <https://jira.onap.org/browse/OOM-819>`_] - expose log/logstash 5044 as nodeport for external log producers outside of the kubernetes cluster
-* [`OOM-820 <https://jira.onap.org/browse/OOM-820>`_] - Bypass vnc-portal for ONAP portal access
-* [`OOM-943 <https://jira.onap.org/browse/OOM-943>`_] - Upgrade prepull_docker.sh to work with new helm based master refactor - post OOM-328
-* [`OOM-947 <https://jira.onap.org/browse/OOM-947>`_] - Update AAI to latest images
-* [`OOM-975 <https://jira.onap.org/browse/OOM-975>`_] - Notes are missing in multicloud
-* [`OOM-1031 <https://jira.onap.org/browse/OOM-1031>`_] - Config Changes for consul to make vid, so, log health checks pass
-* [`OOM-1032 <https://jira.onap.org/browse/OOM-1032>`_] - Making consul Stateful
-* [`OOM-1122 <https://jira.onap.org/browse/OOM-1122>`_] - Update APPC OOM chart to use Beijing release artifacts
-
-Bug
-***
-
-* [`OOM-4 <https://jira.onap.org/browse/OOM-4>`_] - deleteAll.bash fails to properly delete services and ports
-* [`OOM-153 <https://jira.onap.org/browse/OOM-153>`_] - test - Sample Bug
-* [`OOM-212 <https://jira.onap.org/browse/OOM-212>`_] - deleteAll script does not have an option to delete the services
-* [`OOM-215 <https://jira.onap.org/browse/OOM-215>`_] - configure_app for helm apps is not correct
-* [`OOM-218 <https://jira.onap.org/browse/OOM-218>`_] - createConfig.sh needs a chmod 755 in release-1.0.0 only
-* [`OOM-239 <https://jira.onap.org/browse/OOM-239>`_] - mso.tar created in dockerdatanfs
-* [`OOM-258 <https://jira.onap.org/browse/OOM-258>`_] - AAI logs are not being written outside the pods
-* [`OOM-282 <https://jira.onap.org/browse/OOM-282>`_] - vnc-portal requires /etc/hosts url fix for SDC sdc.ui should be sdc.api
-* [`OOM-283 <https://jira.onap.org/browse/OOM-283>`_] - No longer able to deploy instances in specified namespace
-* [`OOM-290 <https://jira.onap.org/browse/OOM-290>`_] - config_init pod fails when /dockerdata-nfs is nfs-mounted
-* [`OOM-300 <https://jira.onap.org/browse/OOM-300>`_] - cat: /config-init/onap/mso/mso/encryption.key: No such file or directory
-* [`OOM-333 <https://jira.onap.org/browse/OOM-333>`_] - vfc-workflow fails [VFC BUG] - fixed - 20180117 vfc-ztevnfmdriver has docker pull issue
-* [`OOM-334 <https://jira.onap.org/browse/OOM-334>`_] - Change kubernetes startup user
-* [`OOM-351 <https://jira.onap.org/browse/OOM-351>`_] - Apply standard convention across the "template deployment YML" file
-* [`OOM-352 <https://jira.onap.org/browse/OOM-352>`_] - failed to start VFC containers
-* [`OOM-363 <https://jira.onap.org/browse/OOM-363>`_] - DCAE tests NOK with Robot E2E tests
-* [`OOM-366 <https://jira.onap.org/browse/OOM-366>`_] - certificates in consul agent config are not in the right directory
-* [`OOM-389 <https://jira.onap.org/browse/OOM-389>`_] - sdc-be and sdc-fe do not initialize correctly on latest master
-* [`OOM-409 <https://jira.onap.org/browse/OOM-409>`_] - Update Vid yaml file to point to the ONAPPORTAL URL
-* [`OOM-413 <https://jira.onap.org/browse/OOM-413>`_] - In portal VNC pod refresh /etc/hosts entries
-* [`OOM-414 <https://jira.onap.org/browse/OOM-414>`_] - MSB Healtcheck failure on $*_ENDPOINT variables
-* [`OOM-424 <https://jira.onap.org/browse/OOM-424>`_] - DCAE installation is not possible today
-* [`OOM-430 <https://jira.onap.org/browse/OOM-430>`_] - Portal healthcheck passing on vnc-portal down
-* [`OOM-467 <https://jira.onap.org/browse/OOM-467>`_] - Optimize config-init process
-* [`OOM-493 <https://jira.onap.org/browse/OOM-493>`_] - Kubernetes infrastructure for ESR
-* [`OOM-496 <https://jira.onap.org/browse/OOM-496>`_] - Readiness check is marking full availability of some components like SDC and SDNC before they would pass healthcheck
-* [`OOM-514 <https://jira.onap.org/browse/OOM-514>`_] - Readiness prob fails sometimes even though the relevant pods are running
-* [`OOM-539 <https://jira.onap.org/browse/OOM-539>`_] - Kube2MSB registrator doesn't support https REST service registration
-* [`OOM-570 <https://jira.onap.org/browse/OOM-570>`_] - Wrong value is assigned to kube2msb AUTH_TOKEN environment variable
-* [`OOM-574 <https://jira.onap.org/browse/OOM-574>`_] - OOM configuration for robot doesnt copy heat templatese in dockerdata-nfs
-* [`OOM-577 <https://jira.onap.org/browse/OOM-577>`_] - Incorrect evaluation of bash command in yaml template file (portal-vnc-dep.yaml)
-* [`OOM-578 <https://jira.onap.org/browse/OOM-578>`_] - Hard coded token in oom/kubernetes/kube2msb/values.yaml file
-* [`OOM-589 <https://jira.onap.org/browse/OOM-589>`_] - Can not acces CLI in vnc-portal
-* [`OOM-598 <https://jira.onap.org/browse/OOM-598>`_] - createAll.bash base64: invalid option -- d
-* [`OOM-600 <https://jira.onap.org/browse/OOM-600>`_] - Unable to open CLI by clicking CLI application icon
-* [`OOM-630 <https://jira.onap.org/browse/OOM-630>`_] - Red herring config pod deletion error on deleteAll - after we started deleting onap-config automatically
-* [`OOM-645 <https://jira.onap.org/browse/OOM-645>`_] - Kube2MSB RBAC security issues
-* [`OOM-653 <https://jira.onap.org/browse/OOM-653>`_] - sdnc-dbhost-0 deletion failure
-* [`OOM-657 <https://jira.onap.org/browse/OOM-657>`_] - Look into DCAEGEN2 failure on duplicate servicePort
-* [`OOM-672 <https://jira.onap.org/browse/OOM-672>`_] - hardcoded clusterIP for aai breaks auto installation
-* [`OOM-680 <https://jira.onap.org/browse/OOM-680>`_] - ONAP Failure install with kubernetes 1.8+
-* [`OOM-687 <https://jira.onap.org/browse/OOM-687>`_] - Typo in README_HELM
-* [`OOM-724 <https://jira.onap.org/browse/OOM-724>`_] - License Update in TOSCA
-* [`OOM-767 <https://jira.onap.org/browse/OOM-767>`_] - data-router-logs and elasticsearch-data mapped to same folder
-* [`OOM-768 <https://jira.onap.org/browse/OOM-768>`_] - Hardcoded onap in config files
-* [`OOM-769 <https://jira.onap.org/browse/OOM-769>`_] - sdc-es data mapping in sdc-be and sdc-fe redundant
-* [`OOM-783 <https://jira.onap.org/browse/OOM-783>`_] - UUI health check is failing
-* [`OOM-784 <https://jira.onap.org/browse/OOM-784>`_] - make new so chart one namespace compatible
-* [`OOM-791 <https://jira.onap.org/browse/OOM-791>`_] - After OOM-722 merge - docker pulls are timing out - switch to pullPolicy IfNotPresent
-* [`OOM-794 <https://jira.onap.org/browse/OOM-794>`_] - demo-k8s.sh name not modified in the usage string
-* [`OOM-795 <https://jira.onap.org/browse/OOM-795>`_] - HEAT templates for robot instantiateVFW missing
-* [`OOM-796 <https://jira.onap.org/browse/OOM-796>`_] - robot asdc/sdngc interface in synch for Master
-* [`OOM-797 <https://jira.onap.org/browse/OOM-797>`_] - GLOBAL_INJECTED_SCRIPT_VERSION missing from vm_properties.py
-* [`OOM-804 <https://jira.onap.org/browse/OOM-804>`_] - VFC vfc-ztevnfmdriver container failure
-* [`OOM-815 <https://jira.onap.org/browse/OOM-815>`_] - OOM Robot container helm failure after OOM-728 35909 merge
-* [`OOM-829 <https://jira.onap.org/browse/OOM-829>`_] - Can not make multicloud helm chart
-* [`OOM-830 <https://jira.onap.org/browse/OOM-830>`_] - Fix OOM build dependencies
-* [`OOM-835 <https://jira.onap.org/browse/OOM-835>`_] - CLAMP mariadb pv is pointing to a wrong location
-* [`OOM-836 <https://jira.onap.org/browse/OOM-836>`_] - champ and gizmo yaml validation issue
-* [`OOM-845 <https://jira.onap.org/browse/OOM-845>`_] - Global repository should not be set by default
-* [`OOM-846 <https://jira.onap.org/browse/OOM-846>`_] - Add liveness enabled fix to helm starter
-* [`OOM-847 <https://jira.onap.org/browse/OOM-847>`_] - log-elasticsearch external ports are not externally accessible
-* [`OOM-848 <https://jira.onap.org/browse/OOM-848>`_] - log-logstash logstash pipeline fails to start after oom standard config changes
-* [`OOM-851 <https://jira.onap.org/browse/OOM-851>`_] - sdc chart validation error
-* [`OOM-856 <https://jira.onap.org/browse/OOM-856>`_] - appc mysql fails deployment
-* [`OOM-858 <https://jira.onap.org/browse/OOM-858>`_] - Fail to deploy onap chart due to config map size
-* [`OOM-870 <https://jira.onap.org/browse/OOM-870>`_] - Missing CLAMP configuration
-* [`OOM-871 <https://jira.onap.org/browse/OOM-871>`_] - log kibana container fails to start after oom standard config changes
-* [`OOM-872 <https://jira.onap.org/browse/OOM-872>`_] - APPC-helm Still need config pod
-* [`OOM-873 <https://jira.onap.org/browse/OOM-873>`_] - OOM doc typo
-* [`OOM-874 <https://jira.onap.org/browse/OOM-874>`_] - Inconsistent repository references in ONAP charts
-* [`OOM-875 <https://jira.onap.org/browse/OOM-875>`_] - Cannot retrieve robot logs
-* [`OOM-876 <https://jira.onap.org/browse/OOM-876>`_] - Some containers ignore the repository setting
-* [`OOM-878 <https://jira.onap.org/browse/OOM-878>`_] - MySQL slave nodes don't deploy when mysql.replicaCount > 1
-* [`OOM-881 <https://jira.onap.org/browse/OOM-881>`_] - SDN-C Portal pod fails to come up
-* [`OOM-882 <https://jira.onap.org/browse/OOM-882>`_] - Some SDNC service names should be prefixed with the helm release name
-* [`OOM-884 <https://jira.onap.org/browse/OOM-884>`_] - VID-VID mariadb pv is pointing to a wrong location
-* [`OOM-885 <https://jira.onap.org/browse/OOM-885>`_] - Beijing oom component log messages missing in Elasticsearch
-* [`OOM-886 <https://jira.onap.org/browse/OOM-886>`_] - kube2msb not starting up
-* [`OOM-887 <https://jira.onap.org/browse/OOM-887>`_] - SDN-C db schema and sdnctl db user not reliably being created
-* [`OOM-888 <https://jira.onap.org/browse/OOM-888>`_] - aaf-cs mapping wrong
-* [`OOM-889 <https://jira.onap.org/browse/OOM-889>`_] - restore pv&pvc for mysql when NFS provisioner is disabled
-* [`OOM-898 <https://jira.onap.org/browse/OOM-898>`_] - Multicloud-framework config file is not volume-mounted
-* [`OOM-899 <https://jira.onap.org/browse/OOM-899>`_] - SDNC main pod does not come up
-* [`OOM-900 <https://jira.onap.org/browse/OOM-900>`_] - portal-cassandra missing pv and pvc
-* [`OOM-904 <https://jira.onap.org/browse/OOM-904>`_] - OOM problems bringing up components and passing healthchecks
-* [`OOM-905 <https://jira.onap.org/browse/OOM-905>`_] - Charts use nsPrefix instead of release namespace
-* [`OOM-906 <https://jira.onap.org/browse/OOM-906>`_] - Make all services independent of helm Release.Name
-* [`OOM-907 <https://jira.onap.org/browse/OOM-907>`_] - Make all persistent volume to be mapped to a location defined by helm Release.Name
-* [`OOM-908 <https://jira.onap.org/browse/OOM-908>`_] - Job portal-db-config fails due to missing image config
-* [`OOM-909 <https://jira.onap.org/browse/OOM-909>`_] - SO Health Check fails
-* [`OOM-910 <https://jira.onap.org/browse/OOM-910>`_] - VID Health Check fails
-* [`OOM-911 <https://jira.onap.org/browse/OOM-911>`_] - VFC Health Check fails for 9 components
-* [`OOM-912 <https://jira.onap.org/browse/OOM-912>`_] - Multicloud Health Check fails for 1 of its components
-* [`OOM-913 <https://jira.onap.org/browse/OOM-913>`_] - Consul agent pod is failing
-* [`OOM-916 <https://jira.onap.org/browse/OOM-916>`_] - Used to fix testing issues related to usability
-* [`OOM-918 <https://jira.onap.org/browse/OOM-918>`_] - Policy - incorrect configmap mount causes base.conf to disappear
-* [`OOM-920 <https://jira.onap.org/browse/OOM-920>`_] - Issue with CLAMP configuation
-* [`OOM-921 <https://jira.onap.org/browse/OOM-921>`_] - align onap/values.yaml and onap/resources/environments/dev.yaml - different /dockerdata-nfs
-* [`OOM-926 <https://jira.onap.org/browse/OOM-926>`_] - Disable clustering for APP-C out-of-the-box
-* [`OOM-927 <https://jira.onap.org/browse/OOM-927>`_] - Need a production grade configuration override file of ONAP deployment
-* [`OOM-928 <https://jira.onap.org/browse/OOM-928>`_] - Some charts use /dockerdata-nfs by default
-* [`OOM-929 <https://jira.onap.org/browse/OOM-929>`_] - DMaaP message router docker image fails to pull
-* [`OOM-930 <https://jira.onap.org/browse/OOM-930>`_] - New AAF Helm Charts required
-* [`OOM-931 <https://jira.onap.org/browse/OOM-931>`_] - Reintroduce VNC pod into OOM
-* [`OOM-932 <https://jira.onap.org/browse/OOM-932>`_] - Unblock integration testing
-* [`OOM-935 <https://jira.onap.org/browse/OOM-935>`_] - sdc-cassandra pod fails to delete using helm delete - forced kubectl delete
-* [`OOM-936 <https://jira.onap.org/browse/OOM-936>`_] - Readiness-check prob version is inconsistent across components
-* [`OOM-937 <https://jira.onap.org/browse/OOM-937>`_] - Portal Cassandra config map points to wrong directory
-* [`OOM-938 <https://jira.onap.org/browse/OOM-938>`_] - Can't install aai alone using helm
-* [`OOM-945 <https://jira.onap.org/browse/OOM-945>`_] - SDNC some bundles failing to start cleanly
-* [`OOM-948 <https://jira.onap.org/browse/OOM-948>`_] - make vfc got an error
-* [`OOM-951 <https://jira.onap.org/browse/OOM-951>`_] - Update APPC charts based on on changes for ccsdk and Nitrogen ODL
-* [`OOM-953 <https://jira.onap.org/browse/OOM-953>`_] - switch aai haproxy/hbase repo from hub.docker.com to nexus3
-* [`OOM-958 <https://jira.onap.org/browse/OOM-958>`_] - SDC-be deployment missing environment paramter
-* [`OOM-964 <https://jira.onap.org/browse/OOM-964>`_] - SDC Healthcheck failure on sdc-be and sdc-kb containers down
-* [`OOM-968 <https://jira.onap.org/browse/OOM-968>`_] - warning on default deployment values.yaml
-* [`OOM-969 <https://jira.onap.org/browse/OOM-969>`_] - oomk8s images have no Dockerfile's
-* [`OOM-971 <https://jira.onap.org/browse/OOM-971>`_] - Common service name template should allow for chart name override
-* [`OOM-974 <https://jira.onap.org/browse/OOM-974>`_] - Cassandra bootstrap is done incorrectly
-* [`OOM-977 <https://jira.onap.org/browse/OOM-977>`_] - The esr-gui annotations should include a "path" param when register to MSB
-* [`OOM-985 <https://jira.onap.org/browse/OOM-985>`_] - DMAAP Redis fails to start
-* [`OOM-986 <https://jira.onap.org/browse/OOM-986>`_] - SDC BE and FE logs are missing
-* [`OOM-989 <https://jira.onap.org/browse/OOM-989>`_] - Sync ete-k8.sh and ete.sh for new log file numbering
-* [`OOM-990 <https://jira.onap.org/browse/OOM-990>`_] - AUTO.json in SDC has unreachable addresses
-* [`OOM-993 <https://jira.onap.org/browse/OOM-993>`_] - AAI model-loader.properties not in sync with project file
-* [`OOM-994 <https://jira.onap.org/browse/OOM-994>`_] - DCAE cloudify controller docker image 1.1.0 N/A - use 1.2.0/1.3.0
-* [`OOM-1003 <https://jira.onap.org/browse/OOM-1003>`_] - dcae-cloudify-manager chart references obsolete image version
-* [`OOM-1004 <https://jira.onap.org/browse/OOM-1004>`_] - aai-resources constantly fails due to cassanda hostname
-* [`OOM-1005 <https://jira.onap.org/browse/OOM-1005>`_] - AAI Widgets not loading due to duplicate volumes
-* [`OOM-1007 <https://jira.onap.org/browse/OOM-1007>`_] - Update dcae robot health check config
-* [`OOM-1008 <https://jira.onap.org/browse/OOM-1008>`_] - Set default consul server replica count to 1
-* [`OOM-1010 <https://jira.onap.org/browse/OOM-1010>`_] - Fix broken property names in DCAE input files
-* [`OOM-1011 <https://jira.onap.org/browse/OOM-1011>`_] - Policy config correction after Service Name changes because of OOM-906
-* [`OOM-1013 <https://jira.onap.org/browse/OOM-1013>`_] - Update DCAE container versions
-* [`OOM-1014 <https://jira.onap.org/browse/OOM-1014>`_] - Portal login not working due to inconsistent zookeeper naming
-* [`OOM-1015 <https://jira.onap.org/browse/OOM-1015>`_] - Champ fails to start
-* [`OOM-1016 <https://jira.onap.org/browse/OOM-1016>`_] - DOC-OPS Review: Helm install command is wrong on oom_user_guide - missing namespace
-* [`OOM-1017 <https://jira.onap.org/browse/OOM-1017>`_] - DOC-OPS review: Docker/Kubernetes versions wrong for master in oom_cloud_setup_guide
-* [`OOM-1018 <https://jira.onap.org/browse/OOM-1018>`_] - DOC-OPS review: global repo override does not match git in oom quick start guide
-* [`OOM-1019 <https://jira.onap.org/browse/OOM-1019>`_] - DOC-OPS review: Add Ubuntu 16.04 reference to oom_user_guide to avoid 14/16 confusion
-* [`OOM-1021 <https://jira.onap.org/browse/OOM-1021>`_] - Update APPC resources for Nitrogen ODL
-* [`OOM-1022 <https://jira.onap.org/browse/OOM-1022>`_] - Fix SDC startup dependencies
-* [`OOM-1023 <https://jira.onap.org/browse/OOM-1023>`_] - "spring.datasource.cldsdb.url" in clamp has wrong clampdb name
-* [`OOM-1024 <https://jira.onap.org/browse/OOM-1024>`_] - Cassandra data not persisted
-* [`OOM-1033 <https://jira.onap.org/browse/OOM-1033>`_] - helm error during deployment 20180501:1900 - all builds under 2.7.2
-* [`OOM-1034 <https://jira.onap.org/browse/OOM-1034>`_] - VID Ports incorrect in deployment.yaml
-* [`OOM-1037 <https://jira.onap.org/browse/OOM-1037>`_] - Enable CLI health check
-* [`OOM-1039 <https://jira.onap.org/browse/OOM-1039>`_] - Service distribution to SO fails
-* [`OOM-1041 <https://jira.onap.org/browse/OOM-1041>`_] - aai-service was renamed, but old references remain
-* [`OOM-1042 <https://jira.onap.org/browse/OOM-1042>`_] - portalapps service was renamed, but old references remain
-* [`OOM-1045 <https://jira.onap.org/browse/OOM-1045>`_] - top level values.yaml missing entry for dmaap chart
-* [`OOM-1049 <https://jira.onap.org/browse/OOM-1049>`_] - SDNC_UEB_LISTENER db
-* [`OOM-1050 <https://jira.onap.org/browse/OOM-1050>`_] - Impossible to deploy consul using cache docker registry
-* [`OOM-1051 <https://jira.onap.org/browse/OOM-1051>`_] - Fix aaf deployment
-* [`OOM-1052 <https://jira.onap.org/browse/OOM-1052>`_] - SO cloud config file points to Rackspace cloud
-* [`OOM-1054 <https://jira.onap.org/browse/OOM-1054>`_] - Portal LoadBalancer Ingress IP is on the wrong network
-* [`OOM-1060 <https://jira.onap.org/browse/OOM-1060>`_] - Incorrect MR Kafka references prevent aai champ from starting
-* [`OOM-1061 <https://jira.onap.org/browse/OOM-1061>`_] - ConfigMap size limit exceeded
-* [`OOM-1064 <https://jira.onap.org/browse/OOM-1064>`_] - Improve docker registry secret management
-* [`OOM-1066 <https://jira.onap.org/browse/OOM-1066>`_] - Updating TOSCA blueprint to sync up with helm configuration changes (add dmaap and oof/delete message-router)
-* [`OOM-1068 <https://jira.onap.org/browse/OOM-1068>`_] - Update SO with new AAI cert
-* [`OOM-1076 <https://jira.onap.org/browse/OOM-1076>`_] - some charts still using readiness check image from amsterdam 1.x
-* [`OOM-1077 <https://jira.onap.org/browse/OOM-1077>`_] - AAI resources and traversal deployment failure on non-rancher envs
-* [`OOM-1079 <https://jira.onap.org/browse/OOM-1079>`_] - Robot charts dont allow over ride of pub_key, dcae_collector_ip and dcae_collector_port
-* [`OOM-1081 <https://jira.onap.org/browse/OOM-1081>`_] - Remove component 'mock' from TOSCA deployment
-* [`OOM-1082 <https://jira.onap.org/browse/OOM-1082>`_] - Wrong pv location of dcae postgres
-* [`OOM-1085 <https://jira.onap.org/browse/OOM-1085>`_] - appc hostname is incorrect in url
-* [`OOM-1086 <https://jira.onap.org/browse/OOM-1086>`_] - clamp deployment changes /dockerdata-nfs/ReleaseName dir permissions
-* [`OOM-1088 <https://jira.onap.org/browse/OOM-1088>`_] - APPC returns error for vCPE restart message from Policy
-* [`OOM-1089 <https://jira.onap.org/browse/OOM-1089>`_] - DCAE pods are not getting purged
-* [`OOM-1093 <https://jira.onap.org/browse/OOM-1093>`_] - Line wrapping issue in redis-cluster-config.sh script
-* [`OOM-1094 <https://jira.onap.org/browse/OOM-1094>`_] - Fix postgres startup
-* [`OOM-1095 <https://jira.onap.org/browse/OOM-1095>`_] - common makefile builds out of order
-* [`OOM-1096 <https://jira.onap.org/browse/OOM-1096>`_] - node port conflict SDNC (Geo enabled) & other charts
-* [`OOM-1097 <https://jira.onap.org/browse/OOM-1097>`_] - Nbi needs dep-nbi - crash on make all
-* [`OOM-1099 <https://jira.onap.org/browse/OOM-1099>`_] - Add External Interface NBI project into OOM TOSCA
-* [`OOM-1102 <https://jira.onap.org/browse/OOM-1102>`_] - Incorrect AAI services
-* [`OOM-1103 <https://jira.onap.org/browse/OOM-1103>`_] - Cannot disable NBI
-* [`OOM-1104 <https://jira.onap.org/browse/OOM-1104>`_] - Policy DROOLS configuration across container restarts
-* [`OOM-1110 <https://jira.onap.org/browse/OOM-1110>`_] - Clamp issue when connecting Policy
-* [`OOM-1111 <https://jira.onap.org/browse/OOM-1111>`_] - Please revert to using VNFSDK Postgres container
-* [`OOM-1114 <https://jira.onap.org/browse/OOM-1114>`_] - APPC is broken in latest helm chart
-* [`OOM-1115 <https://jira.onap.org/browse/OOM-1115>`_] - SDNC DGBuilder cant operate on DGs in database - need NodePort
-* [`OOM-1116 <https://jira.onap.org/browse/OOM-1116>`_] - Correct values needed by NBI chart
-* [`OOM-1124 <https://jira.onap.org/browse/OOM-1124>`_] - Update OOM APPC chart to enhance AAF support
-* [`OOM-1126 <https://jira.onap.org/browse/OOM-1126>`_] - Incorrect Port mapping between CDT Application and APPC main application
-* [`OOM-1127 <https://jira.onap.org/browse/OOM-1127>`_] - SO fails healthcheck
-* [`OOM-1128 <https://jira.onap.org/browse/OOM-1128>`_] - AAF CS fails to start in OpenLab
-
-Sub-task
-********
-
-* [`OOM-304 <https://jira.onap.org/browse/OOM-304>`_] - Service endpoint annotation for Data Router
-* [`OOM-306 <https://jira.onap.org/browse/OOM-306>`_] - Handle mariadb secrets
-* [`OOM-510 <https://jira.onap.org/browse/OOM-510>`_] - Increase vm.max_map_count to 262144 when running Rancher 1.6.11+ via helm 2.6+ - for elasticsearch log mem failure
-* [`OOM-512 <https://jira.onap.org/browse/OOM-512>`_] - Push the reviewed and merged ReadMe content to RTD
-* [`OOM-641 <https://jira.onap.org/browse/OOM-641>`_] - Segregating of configuration for SDNC-UEB component
-* [`OOM-655 <https://jira.onap.org/browse/OOM-655>`_] - Create alternate prepull script which provides more user feedback and logging
-* [`OOM-753 <https://jira.onap.org/browse/OOM-753>`_] - Create Helm Sub-Chart for SO's embedded mariadb
-* [`OOM-754 <https://jira.onap.org/browse/OOM-754>`_] - Create Helm Chart for SO
-* [`OOM-774 <https://jira.onap.org/browse/OOM-774>`_] - Create Helm Sub-Chart for APPC's embedded mySQL database
-* [`OOM-775 <https://jira.onap.org/browse/OOM-775>`_] - Create Helm Chart for APPC
-* [`OOM-778 <https://jira.onap.org/browse/OOM-778>`_] - Replace NFS Provisioner with configurable PV storage solution
-* [`OOM-825 <https://jira.onap.org/browse/OOM-825>`_] - Apache 2 License updation for All sqls and .js file
-* [`OOM-849 <https://jira.onap.org/browse/OOM-849>`_] - Policy Nexus component needs persistent volume for /sonatype-work
-* [`OOM-991 <https://jira.onap.org/browse/OOM-991>`_] - Adjust SDC-BE init job timing from 10 to 30s to avoid restarts on single node systems
-* [`OOM-1036 <https://jira.onap.org/browse/OOM-1036>`_] - update helm from 2.7.2 to 2.8.2 wiki/rtd
-* [`OOM-1063 <https://jira.onap.org/browse/OOM-1063>`_] - Document Portal LoadBalancer Ingress IP Settings
-
-**Security Notes**
-
-OOM code has been formally scanned during build time using NexusIQ and no
-Critical vulnerability was found.
-
-Quick Links:
- - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
-
- - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
-
-Version: 1.1.0
+- `OOM-1237 <https://jira.onap.org/browse/OOM-1237>`_ Source Helm Charts from
+ ONAP Repo. Having helm charts repo is not possible for Frankfurt release.
+- `OOM-1720 <https://jira.onap.org/browse/OOM-1237>`_ galera container is
+ outdated. containers used for mariadb are outdated and not supported anymore.
+- `OOM-1817 <https://jira.onap.org/browse/OOM-1817>`_ Use of global.repository
+ inconsistent across Helm Charts. it's then may be hard to retrieve some
+ containers when deploying in constrained environment.
+- `OOM-2075 <https://jira.onap.org/browse/OOM-2075>`_ Invalid MTU for Canal CNI
+ interfaces
+- `OOM-2227 <https://jira.onap.org/browse/OOM-2227>`_ Cassandra Backup Mechanism
+ works only on "static PV" mode.
+- `OOM-2230 <https://jira.onap.org/browse/OOM-2230>`_ Missing requests/limits
+ for some PODS. This can lead to "memory bombing" so cautious monitoring of
+ Kubernetes resources usage must be set up.
+- `OOM-2279 <https://jira.onap.org/browse/OOM-2279>`_ OOM El Alto and master
+ clamp mariadb resources doesn't match chart.
+- `OOM-2285 <https://jira.onap.org/browse/OOM-2285>`_ deploy.sh does not work
+ for mariadb-galera. deploy script doesn't behave well with "-" in the
+ component name.
+- `OOM-2369 <https://jira.onap.org/browse/OOM-2369>`_ DMAAP Helm install takes
+ too long and often fails.
+- `OOM-2418 <https://jira.onap.org/browse/OOM-2418>`_ Readiness-check 2.0.2 not
+ working properly for stateful set.
+- `OOM-2421 <https://jira.onap.org/browse/OOM-2421>`_ OOM NBI chart deployment
+ error. In some case, NBI deployment fails.
+- `OOM-2422 <https://jira.onap.org/browse/OOM-2422>`_ Portal App is unreachable
+ when deploying without HTTPs
+
+
+Deliverables
+------------
+
+Software Deliverables
+~~~~~~~~~~~~~~~~~~~~~
+
+OOM provides `Helm charts <https://git.onap.org/oom/>`_ that needs to be
+"compiled" into Helm package. see step 6 in
+:doc:`quickstart guide <oom_quickstart_guide>`.
+
+Documentation Deliverables
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- :doc:`Project Description <oom_project_description>`
+- :doc:`Cloud Setup Guide <oom_cloud_setup_guide>`
+- :doc:`Quick Start Guide <oom_quickstart_guide>`
+- :doc:`Setup Ingress Controller <oom_setup_ingress_controller>`
+- :doc:`Developer Guide <oom_developer_guide>`
+- :doc:`Hardcoded Certificates <oom_hardcoded_certificates>`
+
+Known Limitations, Issues and Workarounds
+=========================================
+
+Known Vulnerabilities
+---------------------
+
+- Hard coded password used for all OOM deployments
+ [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+- :doc:`Hard coded certificates <oom_hardcoded_certificates>` in Helm packages
+
+Workarounds
+-----------
+
+- `OOM-1237 <https://jira.onap.org/browse/OOM-1237>`_ Workaround is to generate
+ them as explained in documentation.
+- `OOM-1817 <https://jira.onap.org/browse/OOM-1817>`_ Workaround is to use
+ offline installer if needed.
+- `OOM-2227 <https://jira.onap.org/browse/OOM-2227>`_ Workaround is to stick to
+ "static PV" (so, not using storage class) if backup is needed.
+- `OOM-2285 <https://jira.onap.org/browse/OOM-2285>`_ Workaround is to use
+ directly helm upgrade if needed.
+- `OOM-2369 <https://jira.onap.org/browse/OOM-2369>`_ Workaround is to play
+ postinstall jobs by hand.
+- `OOM-2418 <https://jira.onap.org/browse/OOM-2418>`_ Workaround is to use
+ version 2.2.2 in global part of override file if the new check is needed.
+- `OOM-2421 <https://jira.onap.org/browse/OOM-2421>`_ Workaround is to
+ undeploy/redeploy NBI.
+- `OOM-2422 <https://jira.onap.org/browse/OOM-2421>`_ Workaround is to create
+ first portal app service with service type Cluster IP then changing it to
+ NodePort or LoadBalancer so all the port are available.
+
+Security Notes
--------------
-:Release Date: 2017-11-16
-
-**New Features**
-
-The Amsterdam release is the first release of the ONAP Operations Manager
-(OOM).
-
-The main goal of the Amsterdam release was to:
-
- - Support Flexible Platform Deployment via Kubernetes of fully
- containerized ONAP components - on any type of environment.
- - Support State Management of ONAP platform components.
- - Support full production ONAP deployment and any variation of component
- level deployment for development.
- - Platform Operations Orchestration / Control Loop Actions.
- - Platform centralized logging with ELK stack.
-
-**Bug Fixes**
-
- The full list of implemented user stories and epics is available on
- `JIRA <https://jira.onap.org/secure/RapidBoard.jspa?rapidView=41&view=planning.nodetail&epics=visible>`_
- This is the first release of OOM, the defects fixed in this release were
- raised during the course of the release.
- Anything not closed is captured below under Known Issues. If you want to
- review the defects fixed in the Amsterdam release, refer to Jira link
- above.
-
-**Known Issues**
- - `OOM-6 <https://jira.onap.org/browse/OOM-6>`_ Automated platform deployment on Docker/Kubernetes
-
- VFC, AAF, MSB minor issues.
-
- Workaround: Manual configuration changes - however the reference
- vFirewall use case does not currently require these components.
-
- - `OOM-10 <https://jira.onap.org/browse/OOM-10>`_ Platform configuration management.
-
- OOM ONAP Configuration Management - Handling of Secrets.
-
- Workaround: Automated workaround to be able to pull from protected
- docker repositories.
-
-
-**Security Issues**
- N/A
-
-
-**Upgrade Notes**
+**Fixed Security Issues**
- N/A
+- In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside
+ of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
+- CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270
+ [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
-**Deprecation Notes**
+References
+==========
- N/A
+For more information on the ONAP Frankfurt release, please see:
-**Other**
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
- N/A
-End of Release Notes
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
diff --git a/kubernetes/aaf/Makefile b/kubernetes/aaf/Makefile
new file mode 100644
index 0000000000..9396001ebc
--- /dev/null
+++ b/kubernetes/aaf/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/aaf/components/Makefile b/kubernetes/aaf/components/Makefile
new file mode 100644
index 0000000000..2fc0cbe4ab
--- /dev/null
+++ b/kubernetes/aaf/components/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/aaf/charts/aaf-cass/.helmignore b/kubernetes/aaf/components/aaf-cass/.helmignore
index daebc7da77..daebc7da77 100644
--- a/kubernetes/aaf/charts/aaf-cass/.helmignore
+++ b/kubernetes/aaf/components/aaf-cass/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-cass/Chart.yaml b/kubernetes/aaf/components/aaf-cass/Chart.yaml
index 42b4076689..42b4076689 100644
--- a/kubernetes/aaf/charts/aaf-cass/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-cass/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-cass/requirements.yaml b/kubernetes/aaf/components/aaf-cass/requirements.yaml
new file mode 100644
index 0000000000..6afaa06e8a
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cass/requirements.yaml
@@ -0,0 +1,18 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt b/kubernetes/aaf/components/aaf-cass/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-cass/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml
index 309a9f38c6..309a9f38c6 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml b/kubernetes/aaf/components/aaf-cass/templates/pv.yaml
index 187e9b75de..187e9b75de 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml b/kubernetes/aaf/components/aaf-cass/templates/pvc.yaml
index e56c98751c..e56c98751c 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/pvc.yaml
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/service.yaml b/kubernetes/aaf/components/aaf-cass/templates/service.yaml
index 8f80ee12a2..8f80ee12a2 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-cass/values.yaml b/kubernetes/aaf/components/aaf-cass/values.yaml
index 3d9f21e297..c5e5811fd1 100644
--- a/kubernetes/aaf/charts/aaf-cass/values.yaml
+++ b/kubernetes/aaf/components/aaf-cass/values.yaml
@@ -12,6 +12,25 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
flavor: small
@@ -34,7 +53,7 @@ liveness:
enabled: true
port: tcp-cql
-image: onap/aaf/aaf_cass:2.1.20
+image: onap/aaf/aaf_cass:2.1.23
config:
cluster_name: osaaf
diff --git a/kubernetes/aaf/components/aaf-cert-service/.helmignore b/kubernetes/aaf/components/aaf-cert-service/.helmignore
new file mode 100644
index 0000000000..50af031725
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kubernetes/aaf/components/aaf-cert-service/Chart.yaml b/kubernetes/aaf/components/aaf-cert-service/Chart.yaml
new file mode 100644
index 0000000000..525b2ac4b6
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF Cert Service
+name: aaf-cert-service
+version: 6.0.0
diff --git a/kubernetes/aaf/components/aaf-cert-service/requirements.yaml b/kubernetes/aaf/components/aaf-cert-service/requirements.yaml
new file mode 100644
index 0000000000..6afaa06e8a
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/requirements.yaml
@@ -0,0 +1,18 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks
new file mode 100644
index 0000000000..d32eb887e5
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks
new file mode 100644
index 0000000000..c8f4e9cfaf
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12 b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12
new file mode 100644
index 0000000000..f6cf008c24
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json b/kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json
new file mode 100644
index 0000000000..358f2a82c7
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json
@@ -0,0 +1,3 @@
+{
+ "cmpv2Servers": []
+} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/root.crt b/kubernetes/aaf/components/aaf-cert-service/resources/root.crt
new file mode 100644
index 0000000000..41c34cd18c
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/root.crt
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFnjCCA4agAwIBAgIEME0OlzANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJV
+UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuLUZyYW5jaXNjbzEZ
+MBcGA1UEChMQTGludXgtRm91bmRhdGlvbjENMAsGA1UECxMET05BUDERMA8GA1UE
+AxMIb25hcC5vcmcwHhcNMjAwNzA4MTIzMjM4WhcNMjEwNzA4MTIzMjM4WjB3MQsw
+CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuLUZy
+YW5jaXNjbzEZMBcGA1UEChMQTGludXgtRm91bmRhdGlvbjENMAsGA1UECxMET05B
+UDERMA8GA1UEAxMIb25hcC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCSOtWaxbK6xUflOCynK93ukBJ00PwxJ4MuuXUuJNr9bnf2gsHnGrfwTftW
+ktqutTC0DquXxVM6WsoxQZQ0fBcxOFFeptWzMOwgZLmVu0AwyY6uu26s8GEYDQh+
+artB9ojCSe5m/4r6vaUB69/wt33rIY0qykkXOZ88sIoRrFBbdRGO7XmIeTOayg4N
+LmtvsbRh5QZpxYYcdjzkabZOhcO68KEVvbTWiDA4s67wircH+KrImPfsx1LZ1IHB
+y7LM/p8fb5ELQCaOT+F+cqUsXrRih2s4paVJuNbxyRsEMG8H0L/8/jWLzfS+Vf19
+SjATd54wTOvzpIYlOePtkuTNaZS+5k+FSWMkLTc/I6Fu/qp1mQfQBZoiWtlth8Wr
+695B3mdJke1Up++HByz5OyVq5rkAO8TbqqsMqnyZxPfg2x+SXu2BghugB+A+uWum
+hciSiSMjMEyrGy8Fc8gkKm3zwpEufQ+GijP0JyC3Cl5A36JsFBugsy1DZqUXAqZ1
+LEHuDvJ08HgXcdZA9m8NmRsahYkfAIuSaTxo7NCmpbEJ91VmZsQXxM0pQSbBMXUJ
+I51inIDeScdyooamQWKDoFqeMfnLo0g53xbdS14jNj3aNC1zAoMIxvx9eoEwEqvQ
+Cb2LhAyOqbbwYXvwolDw5C2lgiMF2n9GhtOxVB+oXO/+6FC4sQIDAQABozIwMDAd
+BgNVHQ4EFgQUZnohC3x+LwsiB8Qwx2wssx7qNxgwDwYDVR0TAQH/BAUwAwEB/zAN
+BgkqhkiG9w0BAQwFAAOCAgEAUDcyvn1EcR6gULjX10sjYbnBej/dcyQy9sMgs9bz
+7ypJ6RTUOujBHBx7OIuIpLLVSow4pCJiM9Qxn/DSlWA/G1YK1g3/BdtNDhiOy+Bw
+SkofSJ+HY8ljDWXlONHvSH0gXEqm4MBoV1nOSHNXyYA4ITtX98UsN0xx4T531o06
+X8IPagCz2DHPMYVxyjJdWhl9VEWo9BmOmxkXXjAEn93ege/WJ/23GAyEyrAlWgiC
+glrvGWQy90PNMS+Z7JfMcHEn76d0Am9goIkhg+jGQwUlPCUxFzaWdH5903S6qQqI
+B1X1YGCKWcM5h9DetUdNqS4sv/msVzG3h5Z3UzXDNIKibH04B0ibeybrq+OHIxbS
+GAXYIScGEqrldG2FTC/C0ybg9juOxrrThrjas2rmvXpLRbbhoYl0LZS7+ZSXT3+a
+pFC1FXJyy45Uf0ulBB4vEeO8CQbSrPKus+H65+dJsrvi3yX7SuCLr6Ob7aLvJmQk
+h1fiXGeHnD5oMtGksC9cXdym62ec7VRvX+KiD6BBNOfuo/3bi7Dz3xzsjQc8O4bz
+hb7oLHHUwRkzT9DmQT9l3+vohnzlxf+G+/8FXwjZh+/2PzbDfRrmAIp8sZYWv1Q1
+OMh02nlLk2xq9fAgER0xKWnIsPdjQo3tP3fREmOYtHNvlZzyBswZ6PfOLC/fW3BH
+WO8=
+-----END CERTIFICATE-----
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json b/kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json
new file mode 100644
index 0000000000..06e1087f60
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json
@@ -0,0 +1,24 @@
+{
+ "cmpv2Servers": [
+ {
+ "caName": "CLIENT",
+ "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmp",
+ "issuerDN": "CN=ManagementCA",
+ "caMode": "CLIENT",
+ "authentication": {
+ "iak": "${CLIENT_IAK}",
+ "rv": "${CLIENT_RV}"
+ }
+ },
+ {
+ "caName": "RA",
+ "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmpRA",
+ "issuerDN": "CN=ManagementCA",
+ "caMode": "RA",
+ "authentication": {
+ "iak": "${RA_IAK}",
+ "rv": "${RA_RV}"
+ }
+ }
+ ]
+} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks
new file mode 100644
index 0000000000..4dd41f287a
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml
new file mode 100644
index 0000000000..a44066461b
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml
@@ -0,0 +1,123 @@
+# Copyright © 2020, Nokia
+# Modifications Copyright © 2020, Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.global.cmpv2Enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ template:
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ spec:
+ volumes:
+{{- if .Values.global.addTestingComponents }}
+ - name: cmp-servers-template-volume
+ secret:
+ secretName: {{ .Values.cmpServers.secret.name }}
+ - name: {{ .Values.cmpServers.volume.name }}
+ emptyDir:
+ medium: Memory
+{{- else }}
+ - name: {{ .Values.cmpServers.volume.name }}
+ secret:
+ secretName: {{ .Values.cmpServers.secret.name }}
+{{- end }}
+ - name: {{ .Values.tls.server.volume.name }}
+ secret:
+ secretName: {{ .Values.tls.server.secret.name }}
+{{- if .Values.global.addTestingComponents }}
+ initContainers:
+ - name: wait-for-ejbca
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - ejbca-ejbca
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ - name: subsitute-envs
+ image: "{{ .Values.global.envsubstImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ['sh', '-c', "cd /config-input && envsubst < cmpServers.json > {{ .Values.cmpServers.volume.mountPath }}/cmpServers.json"]
+ volumeMounts:
+ - name: cmp-servers-template-volume
+ mountPath: /config-input
+ readOnly: true
+ - name: {{ .Values.cmpServers.volume.name }}
+ mountPath: {{ .Values.cmpServers.volume.mountPath }}
+ readOnly: false
+ env:
+ - name: CLIENT_IAK
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-client-iak" "key" "password") | indent 14 }}
+ - name: CLIENT_RV
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmp-config-client-rv" "key" "password") | indent 14 }}
+ - name: RA_IAK
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-ra-iak" "key" "password") | indent 14 }}
+ - name: RA_RV
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmp-config-ra-rv" "key" "password") | indent 14 }}
+{{- end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "common.repository" . }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports: {{ include "common.containerPorts" . | nindent 10 }}
+ env:
+ - name: HTTPS_PORT
+ value: "{{ .Values.envs.httpsPort }}"
+ - name: KEYSTORE_PATH
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.jksName }}"
+ - name: KEYSTORE_P12_PATH
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.p12Name }}"
+ - name: TRUSTSTORE_PATH
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.jksName }}"
+ - name: ROOT_CERT
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.crtName }}"
+ - name: KEYSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 14 }}
+ - name: TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 14 }}
+ livenessProbe:
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - {{ .Values.liveness.command }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ readinessProbe:
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - {{ .Values.readiness.command }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ .Values.cmpServers.volume.name }}
+ mountPath: {{ .Values.cmpServers.volume.mountPath }}
+ readOnly: false
+ - name: {{ .Values.tls.server.volume.name }}
+ mountPath: {{ .Values.tls.server.volume.mountPath }}
+ readOnly: true
+ resources: {{ include "common.resources" . | nindent 12 }}
+{{ end -}}
diff --git a/kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml b/kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml
new file mode 100644
index 0000000000..ac92f56487
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml
@@ -0,0 +1,56 @@
+# Copyright © 2020, Nokia
+# Modifications Copyright © 2020, Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.global.cmpv2Enabled }}
+{{ include "common.secretFast" . }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.cmpServers.secret.name }}
+type: Opaque
+data:
+{{ if .Values.global.addTestingComponents }}
+ {{ (.Files.Glob "resources/test/cmpServers.json").AsSecrets }}
+{{ else }}
+ {{ (.Files.Glob "resources/default/cmpServers.json").AsSecrets }}
+{{ end }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.global.aaf.certServiceClient.secret.name | default .Values.tls.client.secret.defaultName }}
+type: Opaque
+data:
+ certServiceClient-keystore.jks:
+ {{ (.Files.Glob "resources/certServiceClient-keystore.jks").AsSecrets }}
+ truststore.jks:
+ {{ (.Files.Glob "resources/truststore.jks").AsSecrets }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.tls.server.secret.name }}
+type: Opaque
+data:
+ certServiceServer-keystore.jks:
+ {{ (.Files.Glob "resources/certServiceServer-keystore.jks").AsSecrets }}
+ certServiceServer-keystore.p12:
+ {{ (.Files.Glob "resources/certServiceServer-keystore.p12").AsSecrets }}
+ truststore.jks:
+ {{ (.Files.Glob "resources/truststore.jks").AsSecrets }}
+ root.crt:
+ {{ (.Files.Glob "resources/root.crt").AsSecrets }}
+{{ end -}} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-cert-service/templates/service.yaml b/kubernetes/aaf/components/aaf-cert-service/templates/service.yaml
new file mode 100644
index 0000000000..60e2afa41d
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/templates/service.yaml
@@ -0,0 +1,17 @@
+# Copyright © 2020, Nokia
+# Modifications Copyright © 2020, Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- if .Values.global.cmpv2Enabled }}
+ {{ include "common.service" . }}
+{{ end -}} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-cert-service/values.yaml b/kubernetes/aaf/components/aaf-cert-service/values.yaml
new file mode 100644
index 0000000000..ad4b7c459b
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/values.yaml
@@ -0,0 +1,160 @@
+# Copyright © 2020, Nokia
+# Modifications Copyright © 2020, Nordix Foundation, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Global
+global:
+ envsubstImage: dibi/envsubst
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+
+# Service configuration
+service:
+ type: ClusterIP
+ ports:
+ - name: http
+ port: 8443
+ port_protocol: http
+
+
+# Deployment configuration
+repository: nexus3.onap.org:10001
+image: onap/org.onap.aaf.certservice.aaf-certservice-api:1.1.0
+pullPolicy: Always
+replicaCount: 1
+
+liveness:
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ command: curl https://localhost:$HTTPS_PORT/actuator/health --cacert $ROOT_CERT --cert-type p12 --cert $KEYSTORE_P12_PATH --pass $KEYSTORE_PASSWORD
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ command: curl https://localhost:$HTTPS_PORT/ready --cacert $ROOT_CERT --cert-type p12 --cert $KEYSTORE_P12_PATH --pass $KEYSTORE_PASSWORD
+
+flavor: small
+resources:
+ small:
+ limits:
+ cpu: 0.5
+ memory: 1Gi
+ requests:
+ cpu: 0.2
+ memory: 512Mi
+ large:
+ limits:
+ cpu: 1
+ memory: 2Gi
+ requests:
+ cpu: 0.4
+ memory: 1Gi
+ unlimited: {}
+
+
+# Application configuration
+cmpServers:
+ secret:
+ name: aaf-cert-service-secret
+ volume:
+ name: aaf-cert-service-volume
+ mountPath: /etc/onap/aaf/certservice
+
+tls:
+ server:
+ secret:
+ name: aaf-cert-service-server-tls-secret
+ volume:
+ name: aaf-cert-service-server-tls-volume
+ mountPath: /etc/onap/aaf/certservice/certs/
+ client:
+ secret:
+ defaultName: aaf-cert-service-client-tls-secret
+
+envs:
+ keystore:
+ jksName: certServiceServer-keystore.jks
+ p12Name: certServiceServer-keystore.p12
+ truststore:
+ jksName: truststore.jks
+ crtName: root.crt
+ httpsPort: 8443
+
+# External secrets with credentials can be provided to override default credentials defined below,
+# by uncommenting and filling appropriate *ExternalSecret value
+credentials:
+ tls:
+ keystorePassword: secret
+ truststorePassword: secret
+ #keystorePasswordExternalSecret:
+ #truststorePasswordExternalSecret:
+ # Below cmp values contain credentials for EJBCA test instance and are relevant only if global addTestingComponents flag is enabled
+ cmp:
+ #clientIakExternalSecret:
+ #clientRvExternalSecret:
+ #raIakExternalSecret:
+ #raRvExternalSecret:
+ client: {}
+ # iak: mypassword
+ # rv: unused
+ ra: {}
+ # iak: mypassword
+ # rv: unused
+
+secrets:
+ - uid: keystore-password
+ name: '{{ include "common.release" . }}-keystore-password'
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.tls.keystorePasswordExternalSecret) . }}'
+ password: '{{ .Values.credentials.tls.keystorePassword }}'
+ passwordPolicy: required
+ - uid: truststore-password
+ name: '{{ include "common.release" . }}-truststore-password'
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.tls.truststorePasswordExternalSecret) . }}'
+ password: '{{ .Values.credentials.tls.truststorePassword }}'
+ passwordPolicy: required
+ # Below values are relevant only if global addTestingComponents flag is enabled
+ - uid: ejbca-server-client-iak
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.cmp.clientIakExternalSecret) . }}'
+ password: '{{ .Values.credentials.cmp.client.iak }}'
+ - uid: cmp-config-client-rv
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.cmp.clientRvExternalSecret) . }}'
+ password: '{{ .Values.credentials.cmp.client.rv }}'
+ - uid: ejbca-server-ra-iak
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.cmp.raIakExternalSecret) . }}'
+ password: '{{ .Values.credentials.cmp.ra.iak }}'
+ - uid: cmp-config-ra-rv
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.cmp.raRvExternalSecret) . }}'
+ password: '{{ .Values.credentials.cmp.ra.rv }}'
diff --git a/kubernetes/aaf/charts/aaf-cm/.helmignore b/kubernetes/aaf/components/aaf-cm/.helmignore
index daebc7da77..daebc7da77 100644
--- a/kubernetes/aaf/charts/aaf-cm/.helmignore
+++ b/kubernetes/aaf/components/aaf-cm/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-cm/Chart.yaml b/kubernetes/aaf/components/aaf-cm/Chart.yaml
index ed453f7ac7..ed453f7ac7 100644
--- a/kubernetes/aaf/charts/aaf-cm/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-cm/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-cm/requirements.yaml b/kubernetes/aaf/components/aaf-cm/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cm/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/NOTES.txt b/kubernetes/aaf/components/aaf-cm/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-cm/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-cm/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml
index 5074c8bc08..5074c8bc08 100644
--- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml b/kubernetes/aaf/components/aaf-cm/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-cm/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/service.yaml b/kubernetes/aaf/components/aaf-cm/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-cm/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-cm/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/components/aaf-cm/values.yaml
index c391369db6..0997c7db41 100644
--- a/kubernetes/aaf/charts/aaf-cm/values.yaml
+++ b/kubernetes/aaf/components/aaf-cm/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,31 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
+
flavor: small
#################################################################
diff --git a/kubernetes/aaf/charts/aaf-fs/.helmignore b/kubernetes/aaf/components/aaf-fs/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-fs/.helmignore
+++ b/kubernetes/aaf/components/aaf-fs/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-fs/Chart.yaml b/kubernetes/aaf/components/aaf-fs/Chart.yaml
index 211c4c28de..211c4c28de 100644
--- a/kubernetes/aaf/charts/aaf-fs/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-fs/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-fs/requirements.yaml b/kubernetes/aaf/components/aaf-fs/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-fs/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/NOTES.txt b/kubernetes/aaf/components/aaf-fs/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-fs/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-fs/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml
index c36750809c..c36750809c 100644
--- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml b/kubernetes/aaf/components/aaf-fs/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-fs/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/service.yaml b/kubernetes/aaf/components/aaf-fs/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-fs/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-fs/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/components/aaf-fs/values.yaml
index 6ddc07278b..9bffb95724 100644
--- a/kubernetes/aaf/charts/aaf-fs/values.yaml
+++ b/kubernetes/aaf/components/aaf-fs/values.yaml
@@ -13,6 +13,30 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
flavor: small
#################################################################
diff --git a/kubernetes/aaf/charts/aaf-gui/.helmignore b/kubernetes/aaf/components/aaf-gui/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-gui/.helmignore
+++ b/kubernetes/aaf/components/aaf-gui/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-gui/Chart.yaml b/kubernetes/aaf/components/aaf-gui/Chart.yaml
index 7e81a70759..7e81a70759 100644
--- a/kubernetes/aaf/charts/aaf-gui/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-gui/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-gui/requirements.yaml b/kubernetes/aaf/components/aaf-gui/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-gui/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/NOTES.txt b/kubernetes/aaf/components/aaf-gui/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-gui/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-gui/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml
index c36750809c..c36750809c 100644
--- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml b/kubernetes/aaf/components/aaf-gui/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-gui/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/service.yaml b/kubernetes/aaf/components/aaf-gui/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-gui/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-gui/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/components/aaf-gui/values.yaml
index f418fd5b41..8639d6c0f0 100644
--- a/kubernetes/aaf/charts/aaf-gui/values.yaml
+++ b/kubernetes/aaf/components/aaf-gui/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,30 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
flavor: small
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/aaf/charts/aaf-hello/.helmignore b/kubernetes/aaf/components/aaf-hello/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-hello/.helmignore
+++ b/kubernetes/aaf/components/aaf-hello/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-hello/Chart.yaml b/kubernetes/aaf/components/aaf-hello/Chart.yaml
index 71b3242558..71b3242558 100644
--- a/kubernetes/aaf/charts/aaf-hello/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-hello/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-hello/requirements.yaml b/kubernetes/aaf/components/aaf-hello/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-hello/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt b/kubernetes/aaf/components/aaf-hello/templates/NOTES.txt
index ef4d8e7d23..ef4d8e7d23 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-hello/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/components/aaf-hello/templates/deployment.yaml
index 891b829f43..891b829f43 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-hello/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml b/kubernetes/aaf/components/aaf-hello/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-hello/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/secret.yaml b/kubernetes/aaf/components/aaf-hello/templates/secret.yaml
index f8c32e0670..f8c32e0670 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/secret.yaml
+++ b/kubernetes/aaf/components/aaf-hello/templates/secret.yaml
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml b/kubernetes/aaf/components/aaf-hello/templates/service.yaml
index 8f80ee12a2..8f80ee12a2 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-hello/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/components/aaf-hello/values.yaml
index aeb659082d..df3abec67c 100644
--- a/kubernetes/aaf/charts/aaf-hello/values.yaml
+++ b/kubernetes/aaf/components/aaf-hello/values.yaml
@@ -41,7 +41,7 @@ aaf_init:
replicaCount: 0
-image: onap/aaf/aaf_hello:2.1.20
+image: onap/aaf/aaf_hello:2.1.23
service:
name: aaf-hello
diff --git a/kubernetes/aaf/charts/aaf-locate/.helmignore b/kubernetes/aaf/components/aaf-locate/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-locate/.helmignore
+++ b/kubernetes/aaf/components/aaf-locate/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-locate/Chart.yaml b/kubernetes/aaf/components/aaf-locate/Chart.yaml
index 3133191280..3133191280 100644
--- a/kubernetes/aaf/charts/aaf-locate/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-locate/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-locate/requirements.yaml b/kubernetes/aaf/components/aaf-locate/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-locate/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/NOTES.txt b/kubernetes/aaf/components/aaf-locate/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-locate/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-locate/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml
index 5074c8bc08..5074c8bc08 100644
--- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml b/kubernetes/aaf/components/aaf-locate/templates/ingress.yaml
index 1b33c1f8d1..1b33c1f8d1 100644
--- a/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-locate/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/service.yaml b/kubernetes/aaf/components/aaf-locate/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-locate/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-locate/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/components/aaf-locate/values.yaml
index 01a5ab158a..7bcf10dabb 100644
--- a/kubernetes/aaf/charts/aaf-locate/values.yaml
+++ b/kubernetes/aaf/components/aaf-locate/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,31 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
+
flavor: small
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/aaf/charts/aaf-oauth/.helmignore b/kubernetes/aaf/components/aaf-oauth/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-oauth/.helmignore
+++ b/kubernetes/aaf/components/aaf-oauth/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-oauth/Chart.yaml b/kubernetes/aaf/components/aaf-oauth/Chart.yaml
index a64a17c7b1..a64a17c7b1 100644
--- a/kubernetes/aaf/charts/aaf-oauth/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-oauth/requirements.yaml b/kubernetes/aaf/components/aaf-oauth/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-oauth/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/NOTES.txt b/kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml
index 5074c8bc08..5074c8bc08 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/ingress.yaml b/kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml
index 1b33c1f8d1..1b33c1f8d1 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml b/kubernetes/aaf/components/aaf-oauth/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/components/aaf-oauth/values.yaml
index 7604b86393..8771041778 100644
--- a/kubernetes/aaf/charts/aaf-oauth/values.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,31 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
+
flavor: small
#################################################################
diff --git a/kubernetes/aaf/charts/aaf-service/.helmignore b/kubernetes/aaf/components/aaf-service/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-service/.helmignore
+++ b/kubernetes/aaf/components/aaf-service/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-service/Chart.yaml b/kubernetes/aaf/components/aaf-service/Chart.yaml
index 187e33ac6f..187e33ac6f 100644
--- a/kubernetes/aaf/charts/aaf-service/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-service/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-service/requirements.yaml b/kubernetes/aaf/components/aaf-service/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-service/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/components/aaf-service/templates/deployment.yaml
index 5074c8bc08..5074c8bc08 100644
--- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-service/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml b/kubernetes/aaf/components/aaf-service/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-service/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-service/templates/service.yaml b/kubernetes/aaf/components/aaf-service/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-service/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-service/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/components/aaf-service/values.yaml
index c2d96032cc..d924bb4f54 100644
--- a/kubernetes/aaf/charts/aaf-service/values.yaml
+++ b/kubernetes/aaf/components/aaf-service/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,31 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
+
flavor: small
#################################################################
diff --git a/kubernetes/aaf/charts/aaf-sms/Chart.yaml b/kubernetes/aaf/components/aaf-sms/Chart.yaml
index 557894f456..557894f456 100644
--- a/kubernetes/aaf/charts/aaf-sms/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sms/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml
index 2dc3d49b66..2dc3d49b66 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json
index 3a43f00019..3a43f00019 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml
index 02f1080f29..02f1080f29 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml
index d855ae6fdf..d855ae6fdf 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml
index 1c6cc933f5..1c6cc933f5 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/values.yaml
index 1459624536..1459624536 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/values.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/Chart.yaml
index 074958ff70..074958ff70 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml
index 2c70c23e03..2c70c23e03 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml
index d855ae6fdf..d855ae6fdf 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/service.yaml
index a3a7591b02..a3a7591b02 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
index 4023106091..4023106091 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/values.yaml
index 7787f0b85d..7787f0b85d 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/values.yaml
diff --git a/kubernetes/aaf/components/aaf-sms/requirements.yaml b/kubernetes/aaf/components/aaf-sms/requirements.yaml
new file mode 100644
index 0000000000..7152c37ff0
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-sms/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem b/kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem
new file mode 100644
index 0000000000..7939846bf0
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
+MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
+A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
+neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
+o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
+nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
+v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
+15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
+gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
+M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
+AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
+ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
+u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
+QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
+8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
+kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
+aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
+uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
+tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
+BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
+-----END CERTIFICATE-----
diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json b/kubernetes/aaf/components/aaf-sms/resources/config/has.json
index 679b5189de..679b5189de 100644
--- a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json
+++ b/kubernetes/aaf/components/aaf-sms/resources/config/has.json
diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json
index add0808701..add0808701 100644
--- a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json
+++ b/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/templates/configmap.yaml
index a74fe277b7..a74fe277b7 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml
index 6113c0d5c8..bb409f33c5 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml
@@ -31,8 +31,25 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
- - name: fix-permission
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 8 }}
+ # Currently intermediate certificate is not given by AAF CM so we need
+ # to give it "by hand"
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.fullname" . }}-add-intermediate-cert
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - |
+ cat /int-certs/intermediate_root_ca.pem >> {{ .Values.certInitializer.mountPath }}/local/org.onap.aaf-sms.crt
+ image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 12 }}
+ - mountPath: /int-certs
+ name: {{ include "common.fullname" . }}-int-certs
+ readOnly: true
+ {{- end }}
+ - name: {{ include "common.fullname" . }}-fix-permission
command:
- /bin/sh
args:
@@ -85,7 +102,7 @@ spec:
path: /v1/sms/quorum/status
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
@@ -104,13 +121,18 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
- name : {{ include "common.name" . }}
configMap:
name: {{ include "common.fullname" . }}
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.fullname" . }}-int-certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-int-certs
+ {{- end }}
- name: {{ include "common.fullname" . }}-auth
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
index bb145ef3f8..315d068676 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
@@ -32,7 +32,7 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- sh
args:
@@ -163,7 +163,7 @@ spec:
command:
- "/sms/bin/preload"
- "-cacert"
- - "/sms/certs/aaf_root_ca.cer"
+ - "{{ .Values.certInitializer.mountPath }}/local/{{ .Values.certInitializer.root_ca_name }}"
- "-jsondir"
- "/preload/config"
- "-serviceport"
@@ -171,7 +171,7 @@ spec:
- "-serviceurl"
- "https://aaf-sms.{{ include "common.namespace" . }}"
workingDir: /sms
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
@@ -187,7 +187,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/templates/pv.yaml
index d06131feb5..d06131feb5 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml b/kubernetes/aaf/components/aaf-sms/templates/pvc.yaml
index c46d50607c..c46d50607c 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/pvc.yaml
diff --git a/kubernetes/aaf/components/aaf-sms/templates/secret.yaml b/kubernetes/aaf/components/aaf-sms/templates/secret.yaml
new file mode 100644
index 0000000000..7a0213f16c
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-sms/templates/secret.yaml
@@ -0,0 +1,32 @@
+{{/*
+# Copyright © 2020 Samsung Electronics, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
+---
+{{- if .Values.global.aafEnabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-int-certs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
+{{- end }}
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/service.yaml b/kubernetes/aaf/components/aaf-sms/templates/service.yaml
index 9c94202fe3..9c94202fe3 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml
index 7e0aa5c282..dccf57ca96 100644
--- a/kubernetes/aaf/charts/aaf-sms/values.yaml
+++ b/kubernetes/aaf/components/aaf-sms/values.yaml
@@ -1,5 +1,5 @@
# Copyright 2018 Intel Corporation, Inc
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -22,8 +22,38 @@ global:
loggingImage: beats/filebeat:5.5.0
persistence: {}
envsubstImage: dibi/envsubst
+ aafEnabled: true
flavor: small
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: aaf-sms-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: aaf-sms
+ fqi: aaf-sms@aaf-sms.onap.org
+ public_fqdn: aaf-sms.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ mountPath: /opt/app/osaaf
+ keystore: truststoreONAPall.jks
+ keystore_pass: changeit
+ root_ca_alias: onaptestca
+ root_ca_name: aaf_root_ca.cer
+ permission_user: 1000
+ permission_group: 1000
+ aaf_add_config: >
+ cd {{ .Values.mountPath }}/local;
+ keytool -exportcert -rfc -file {{ .Values.root_ca_name }} -keystore {{ .Values.keystore }}
+ -alias {{ .Values.root_ca_alias }} -storepass {{ .Values.keystore_pass }};
+ chown -R {{.Values.permission_user}}:{{.Values.permission_group}}
+ {{ .Values.mountPath }};
+
#################################################################
# Application configuration defaults.
#################################################################
@@ -39,9 +69,9 @@ debugEnabled: false
# Example:
config:
smsdbaddress: "http://aaf-sms-db:8200"
- cafile: "/sms/certs/aaf_root_ca.cer"
- servercert: "/sms/certs/aaf-sms.pub"
- serverkey: "/sms/certs/aaf-sms.pr"
+ cafile: "/opt/app/osaaf/local/aaf_root_ca.cer"
+ servercert: "/opt/app/osaaf/local/org.onap.aaf-sms.crt"
+ serverkey: "/opt/app/osaaf/local/org.onap.aaf-sms.key"
password: "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA=="
# subchart configuration
diff --git a/kubernetes/aaf/charts/aaf-sshsm/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml
index d39b561905..d39b561905 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/README.md b/kubernetes/aaf/components/aaf-sshsm/README.md
index a6f2e62cb9..a6f2e62cb9 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/README.md
+++ b/kubernetes/aaf/components/aaf-sshsm/README.md
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml
index 499b82caaf..499b82caaf 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml
index 8d1faf7e32..8d1faf7e32 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml
index 23fe79d716..23fe79d716 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml
index c624ccfc4d..c624ccfc4d 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml
index 2a733632bf..2a733632bf 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml
index 22ba3da019..22ba3da019 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml
index 99176fcdf6..99176fcdf6 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml
index fb48c7df4a..fb48c7df4a 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml
index bf0ef74be2..bf0ef74be2 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml
index a13b7f353b..a13b7f353b 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml
index 94791be713..94791be713 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml
index b64e0c331a..b64e0c331a 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml
index a64f483d74..a64f483d74 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml
index dd04c93bd7..dd04c93bd7 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/requirements.yaml b/kubernetes/aaf/components/aaf-sshsm/requirements.yaml
index 0704a2c9df..0704a2c9df 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/requirements.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/requirements.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/resources/config/prk_passwd b/kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd
index 640b325898..640b325898 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/resources/config/prk_passwd
+++ b/kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd
diff --git a/kubernetes/aaf/charts/aaf-sshsm/resources/config/srk_handle b/kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle
index b8b9d8ddb0..b8b9d8ddb0 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/resources/config/srk_handle
+++ b/kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml
index b566b11458..b566b11458 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml
index b3e7f9fabd..b3e7f9fabd 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml
index b8971cc03c..b8971cc03c 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml
index 7297d6f81d..7297d6f81d 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/secret.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml
index 50b6f36cd3..50b6f36cd3 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/secret.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/values.yaml b/kubernetes/aaf/components/aaf-sshsm/values.yaml
index 5600213e11..30fb0d2f2f 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/values.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/values.yaml
@@ -1,4 +1,5 @@
# Copyright 2018 Intel Corporation, Inc
+# Modifications © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -16,6 +17,23 @@
# Global configuration defaults.
#################################################################
global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
tpm:
enabled: false
# if enabled, nodeselector will use the below
diff --git a/kubernetes/aaf/components/aaf-templates/Chart.yaml b/kubernetes/aaf/components/aaf-templates/Chart.yaml
new file mode 100644
index 0000000000..c8739e0105
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-templates/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2020 Orange
+# Modifications Copyright © 2018 AT&T, Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP Application Authorization Framework Templates
+name: aaf-templates
+version: 6.0.0
diff --git a/kubernetes/aaf/components/aaf-templates/requirements.yaml b/kubernetes/aaf/components/aaf-templates/requirements.yaml
new file mode 100644
index 0000000000..6afaa06e8a
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-templates/requirements.yaml
@@ -0,0 +1,18 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/aaf/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
index bf6931a8e3..bf6931a8e3 100644
--- a/kubernetes/aaf/templates/_deployment.tpl
+++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
diff --git a/kubernetes/aaf/templates/_initContainers.tpl b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
index 43c511fd6d..43c511fd6d 100644
--- a/kubernetes/aaf/templates/_initContainers.tpl
+++ b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/secret.yaml b/kubernetes/aaf/components/aaf-templates/values.yaml
index 34932b713d..73efdc6132 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/secret.yaml
+++ b/kubernetes/aaf/components/aaf-templates/values.yaml
@@ -1,5 +1,4 @@
-{{/*
-# Copyright © 2020 Samsung Electronics
+# Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,6 +11,3 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/aaf/requirements.yaml b/kubernetes/aaf/requirements.yaml
index 6a61926e9e..ccbe14c7a3 100644
--- a/kubernetes/aaf/requirements.yaml
+++ b/kubernetes/aaf/requirements.yaml
@@ -1,4 +1,6 @@
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +15,36 @@
# limitations under the License.
dependencies:
- - name: common
+ - name: aaf-cass
version: ~6.x-0
- repository: '@local' \ No newline at end of file
+ repository: 'file://components/aaf-cass'
+ - name: aaf-cert-service
+ version: ~6.x-0
+ repository: 'file://components/aaf-cert-service'
+ - name: aaf-cm
+ version: ~6.x-0
+ repository: 'file://components/aaf-cm'
+ - name: aaf-fs
+ version: ~6.x-0
+ repository: 'file://components/aaf-fs'
+ - name: aaf-gui
+ version: ~6.x-0
+ repository: 'file://components/aaf-gui'
+ - name: aaf-hello
+ version: ~6.x-0
+ repository: 'file://components/aaf-hello'
+ - name: aaf-locate
+ version: ~6.x-0
+ repository: 'file://components/aaf-locate'
+ - name: aaf-oauth
+ version: ~6.x-0
+ repository: 'file://components/aaf-oauth'
+ - name: aaf-service
+ version: ~6.x-0
+ repository: 'file://components/aaf-service'
+ - name: aaf-sms
+ version: ~6.x-0
+ repository: 'file://components/aaf-sms'
+ - name: aaf-sshsm
+ version: ~6.x-0
+ repository: 'file://components/aaf-sshsm'
diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml
index bedf243639..df4dcf3723 100644
--- a/kubernetes/aaf/values.yaml
+++ b/kubernetes/aaf/values.yaml
@@ -16,6 +16,7 @@
#################################################################
# Global configuration defaults.
#################################################################
+
global:
nodePortPrefix: 302
# Readiness image
@@ -40,12 +41,14 @@ global:
#pullPolicy: IfNotPresent
#repository: "nexus3.onap.org:10003"
+ cmpv2Enabled: true
+ addTestingComponents: false
aaf:
readiness: false
- image: onap/aaf/aaf_core:2.1.20
+ image: onap/aaf/aaf_core:2.1.23
aaf_env: "DEV"
public_fqdn: "aaf.osaaf.org"
- aaf_release: "El Alto"
+ aaf_release: "Frankfurt"
# DUBLIN ONLY - for M4 compatibility with Casablanca
# aaf_locator_name: "public.%NS.%N"
# aaf_locator_name_oom: "%NS.%N"
@@ -57,7 +60,7 @@ global:
cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
config:
- image: onap/aaf/aaf_config:2.1.20
+ image: onap/aaf/aaf_config:2.1.23
service:
fqdn: "aaf-service"
@@ -73,6 +76,9 @@ global:
public_port: 31112
# Note: as hello is a sample app, find values in charts/aaf-hello/values.yaml
+ certServiceClient:
+ secret:
+ name: aaf-cert-service-client-tls-secret
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/aai b/kubernetes/aai
-Subproject 2aba1f4b1c872ddf429f4635b982b3e15ecc4aa
+Subproject e77bd83639f77e68f4c7df9b35c95a4d70e7038
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
index 05ac61cf57..453f906101 100755
--- a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
+++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
@@ -127,6 +127,8 @@ blueprintsprocessor.netconfExecutor.enabled=true
blueprintsprocessor.restConfExecutor.enabled=true
blueprintsprocessor.cliExecutor.enabled=true
blueprintsprocessor.remoteScriptCommand.enabled=true
+## Enable py-executor
+blueprintsprocessor.streamingRemoteExecution.enabled=true
# Used in Health Check
blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml
index 161cf28d27..c2b6d520b5 100755
--- a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml
+++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml
@@ -90,7 +90,7 @@ spec:
command:
- chown
- -R
- - 100:101
+ - 1000:1000
- /opt/app/onap/blueprints/deploy
image: busybox:latest
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
index c8921f9efa..500e3a536b 100755
--- a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
@@ -62,7 +62,7 @@ secrets:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-blueprintsprocessor:0.7.3
+image: onap/ccsdk-blueprintsprocessor:0.7.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/cds/charts/cds-command-executor/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml
index 8b4dbbfc16..f194c279c9 100755
--- a/kubernetes/cds/charts/cds-command-executor/values.yaml
+++ b/kubernetes/cds/charts/cds-command-executor/values.yaml
@@ -40,7 +40,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-commandexecutor:0.7.3
+image: onap/ccsdk-commandexecutor:0.7.5
pullPolicy: Always
# application configuration
diff --git a/kubernetes/cds/charts/cds-py-executor/values.yaml b/kubernetes/cds/charts/cds-py-executor/values.yaml
index bbae1b9e5a..9dbc5b7ff3 100755
--- a/kubernetes/cds/charts/cds-py-executor/values.yaml
+++ b/kubernetes/cds/charts/cds-py-executor/values.yaml
@@ -38,7 +38,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-py-executor:0.7.3
+image: onap/ccsdk-py-executor:0.7.5
pullPolicy: Always
# default number of instances
diff --git a/kubernetes/cds/charts/cds-sdc-listener/values.yaml b/kubernetes/cds/charts/cds-sdc-listener/values.yaml
index 57b9e49426..30f9451673 100644
--- a/kubernetes/cds/charts/cds-sdc-listener/values.yaml
+++ b/kubernetes/cds/charts/cds-sdc-listener/values.yaml
@@ -37,7 +37,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-sdclistener:0.7.3
+image: onap/ccsdk-sdclistener:0.7.5
name: sdc-listener
pullPolicy: Always
diff --git a/kubernetes/cds/charts/cds-ui/values.yaml b/kubernetes/cds/charts/cds-ui/values.yaml
index aea1202d51..d8a87cc2ea 100644
--- a/kubernetes/cds/charts/cds-ui/values.yaml
+++ b/kubernetes/cds/charts/cds-ui/values.yaml
@@ -28,7 +28,7 @@ subChartsOnly:
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-cds-ui-server:0.7.3
+image: onap/ccsdk-cds-ui-server:0.7.5
pullPolicy: Always
# application configuration
diff --git a/kubernetes/clamp/charts/clamp-backend/values.yaml b/kubernetes/clamp/charts/clamp-backend/values.yaml
index f354ad14a7..3e08bd606c 100644
--- a/kubernetes/clamp/charts/clamp-backend/values.yaml
+++ b/kubernetes/clamp/charts/clamp-backend/values.yaml
@@ -35,7 +35,7 @@ flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-backend:5.0.6
+image: onap/clamp-backend:5.0.7
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml
index 9446ca8eb3..2a27c140eb 100644
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/clamp/values.yaml
@@ -58,7 +58,7 @@ flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-frontend:5.0.6
+image: onap/clamp-frontend:5.0.7
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
index eddc7bc124..9c744f39ba 100644
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
@@ -61,7 +61,7 @@
apiVersion: v1
fieldPath: metadata.namespace
- name: {{ include "common.name" $dot }}-aaf-config
- image: {{ (default $subchartDot.Values.repository $subchartDot.Values.global.repository) }}/{{ $subchartDot.Values.global.aafAgentImage }}
+ image: {{ include "common.repository" $subchartDot }}/{{ $subchartDot.Values.global.aafAgentImage }}
imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
volumeMounts:
- mountPath: {{ $initRoot.mountPath }}
diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml
index b55ba5e2f3..fdee4c9bd2 100644
--- a/kubernetes/common/certInitializer/values.yaml
+++ b/kubernetes/common/certInitializer/values.yaml
@@ -15,6 +15,7 @@
global:
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.2
+ repository: nexus3.onap.org:10001
aafAgentImage: onap/aaf/aaf_agent:2.1.20
aafEnabled: true
diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl
index c3c744358c..6b4f0ed36e 100644
--- a/kubernetes/common/common/templates/_ingress.tpl
+++ b/kubernetes/common/common/templates/_ingress.tpl
@@ -78,7 +78,7 @@ nginx.ingress.kubernetes.io/ssl-redirect: "false"
{{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" (default (dict) .Values.global.ingress) "var" "enabled") }}
{{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" .Values.ingress "var" "enabledOverride") }}
{{- if $ingressEnabled }}
-apiVersion: extensions/v1beta1
+apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: {{ include "common.fullname" . }}-ingress
diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml
index e1fac77a97..d0e298b7b6 100644
--- a/kubernetes/common/dgbuilder/templates/deployment.yaml
+++ b/kubernetes/common/dgbuilder/templates/deployment.yaml
@@ -14,7 +14,7 @@
# limitations under the License.
*/}}
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.fullname" . }}
@@ -26,6 +26,9 @@ metadata:
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
template:
metadata:
labels:
diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml
index 96cda89c1f..fcab51cb59 100644
--- a/kubernetes/common/etcd/templates/statefulset.yaml
+++ b/kubernetes/common/etcd/templates/statefulset.yaml
@@ -11,7 +11,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: apps/v1beta1
+apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "common.fullname" . }}
@@ -23,6 +23,9 @@ metadata:
spec:
serviceName: {{ include "common.servicename" .}}
replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
template:
metadata:
labels:
diff --git a/kubernetes/common/mariadb-galera/resources/create-deployment.yml b/kubernetes/common/mariadb-galera/resources/create-deployment.yml
new file mode 100644
index 0000000000..61bfc78945
--- /dev/null
+++ b/kubernetes/common/mariadb-galera/resources/create-deployment.yml
@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" (dict "suffix" "upgrade-deployment" "dot" .) | nindent 4 }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ include "common.fullname" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.fullname" . }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - containerPort: {{ .Values.service.sstPort }}
+ name: {{ .Values.service.sstPortName }}
+ - containerPort: {{ .Values.service.replicationPort }}
+ name: {{ .Values.service.replicationName }}
+ - containerPort: {{ .Values.service.istPort }}
+ name: {{ .Values.service.istPortName }}
+ env:
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: MYSQL_USER
+ valueFrom:
+ secretKeyRef:
+ key: login
+ name: {{ include "common.fullname" . }}-temp-upgrade-usercred
+ - name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ key: password
+ name: {{ include "common.fullname" . }}-temp-upgrade-usercred
+ - name: MYSQL_DATABASE
+ value: {{ default "" .Values.config.mysqlDatabase | quote }}
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ key: password
+ name: {{ include "common.fullname" . }}-temp-upgrade-root
+ subdomain: {{ .Values.service.name }}
+ hostname: {{ .Values.nameOverride }}-upgrade-deployment \ No newline at end of file
diff --git a/kubernetes/common/mariadb-galera/resources/post-upgrade-script.sh b/kubernetes/common/mariadb-galera/resources/post-upgrade-script.sh
new file mode 100644
index 0000000000..ec09df3a86
--- /dev/null
+++ b/kubernetes/common/mariadb-galera/resources/post-upgrade-script.sh
@@ -0,0 +1,142 @@
+#!/bin/bash
+
+TEMP_POD=$(kubectl get pod -n $NAMESPACE_ENV --selector \
+ app='{{ include "common.fullname" . }}' -o \
+ jsonpath='{.items[?(@.metadata.ownerReferences[].kind=="ReplicaSet")].metadata.name}')
+
+tmp_MYSQL_PASSWORD=$(echo -n $(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- printenv \
+ MYSQL_PASSWORD) | base64)
+
+tmp_ROOT_PASSWORD=$(echo -n $(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- printenv \
+ MYSQL_ROOT_PASSWORD) | base64)
+
+FLAG_EX_ROOT_SEC='{{ include "common.secret.getSecretNameFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .)) }}'
+
+FLAG_EX_SEC='{{ include "common.secret.getSecretNameFast" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .)) }}'
+
+kubectl patch secret $FLAG_EX_ROOT_SEC -p \
+ '{"data":{"password":"'"$tmp_ROOT_PASSWORD"'"}}'
+
+kubectl patch secret $FLAG_EX_SEC -p \
+ '{"data":{"password":"'"$tmp_MYSQL_PASSWORD"'"}}'
+
+MYSQL_USER=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- printenv MYSQL_USER)
+
+MYSQL_PASSWORD=$(echo -n $(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- printenv MYSQL_PASSWORD))
+
+MYSQL_ROOT_PASSWORD=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- printenv MYSQL_ROOT_PASSWORD)
+
+CURRENT_STS_REPLICA=$(kubectl get statefulsets -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }} -o jsonpath='{.status.replicas}')
+
+DEPLOYMENT_REPLICA=$(kubectl get deployment -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }}-upgrade-deployment -o \
+ jsonpath='{.status.replicas}')
+
+if [[ $CURRENT_STS_REPLICA == "0" ]]
+then
+ echo "Seems there was no upgrade of cluster and we will scale up cluster replicas back to $REPLICA_COUNT now"
+ kubectl scale statefulsets {{ include "common.fullname" . }} --replicas=$REPLICA_COUNT
+fi
+
+MY_REPLICA_NUMBER=$(kubectl get statefulsets -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }} -o jsonpath='{.status.replicas}')
+
+while [[ ! $MY_REPLICA_NUMBER == $REPLICA_COUNT ]]
+do
+ echo "The cluster is not scaled up to $REPLICA_COUNT yet. Please wait ..."
+ MY_REPLICA_NUMBER=$(kubectl get statefulsets -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }} -o jsonpath='{.status.replicas}')
+ echo "The current status of the cluster is $MY_REPLICA_NUMBER"
+ sleep 2
+ if [[ $MY_REPLICA_NUMBER == $REPLICA_COUNT ]]
+ then
+ break
+ fi
+done
+
+CLUSTER_NO=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- \
+ mysql --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_cluster_size';" | \
+ awk '{print $2}')
+
+CLUSTER_STATE=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- \
+ mysql --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment';" \
+ | awk '{print $2}')
+
+while [[ ! $CLUSTER_NO == $((REPLICA_COUNT+DEPLOYMENT_REPLICA)) ]] \
+ || [[ ! $CLUSTER_STATE == "Synced" ]]
+do
+ echo "$CLUSTER_NO and $CLUSTER_STATE"
+ CLUSTER_NO=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysql \
+ --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_cluster_size';" \
+ | awk '{print $2}')
+ CLUSTER_STATE=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysql \
+ --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment';" \
+ | awk '{print $2}')
+ sleep 2
+ if [[ $CLUSTER_NO == $((REPLICA_COUNT+DEPLOYMENT_REPLICA)) ]] \
+ && [[ $CLUSTER_STATE == "Synced" ]]
+ then
+ echo "The cluster has $CLUSTER_NO members and $CLUSTER_STATE state."
+ break
+ fi
+done
+
+MYSQL_STATUS=$(kubectl exec -n $NAMESPACE_ENV {{ include "common.fullname" . }}-0 -- mysqladmin \
+ -uroot -p$MYSQL_ROOT_PASSWORD ping)
+
+while [[ ! $MYSQL_STATUS == "mysqld is alive" ]]
+do
+ echo "Mariadb deployment is not ready yet."
+ sleep 2
+ MYSQL_STATUS=$(kubectl exec -n $NAMESPACE_ENV {{ include "common.fullname" . }}-0 -- mysqladmin \
+ -uroot -p$MYSQL_ROOT_PASSWORD ping)
+ if [[ $MYSQL_STATUS == "mysqld is alive" ]]
+ then
+ echo "Mariadb deployment is ready and cluster size is $CLUSTER_NO"
+ break
+ fi
+done
+
+echo "Deleting upgrade deployment now"
+
+kubectl delete deployment -n $NAMESPACE_ENV {{ include "common.fullname" . }}-upgrade-deployment
+kubectl delete secret -n $NAMESPACE_ENV {{ include "common.fullname" . }}-temp-upgrade-root
+kubectl delete secret -n $NAMESPACE_ENV {{ include "common.fullname" . }}-temp-upgrade-usercred
+
+CLUSTER_NO=$(kubectl exec -n $NAMESPACE_ENV {{ include "common.fullname" . }}-0 -- \
+ mysql --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_cluster_size';" | \
+ awk '{print $2}')
+
+CLUSTER_STATE=$(kubectl exec -n $NAMESPACE_ENV {{ include "common.fullname" . }}-0 -- \
+ mysql --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment';" \
+ | awk '{print $2}')
+
+while [[ ! $CLUSTER_NO == $REPLICA_COUNT ]] \
+ || [[ ! $CLUSTER_STATE == "Synced" ]]
+do
+ echo "$CLUSTER_NO and $CLUSTER_STATE"
+ CLUSTER_NO=$(kubectl exec -n $NAMESPACE_ENV {{ include "common.fullname" . }}-0 -- mysql \
+ --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_cluster_size';" \
+ | awk '{print $2}')
+ CLUSTER_STATE=$(kubectl exec -n $NAMESPACE_ENV {{ include "common.fullname" . }}-0 -- mysql \
+ --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment';" \
+ | awk '{print $2}')
+ sleep 2
+ if [[ $CLUSTER_NO == $REPLICA_COUNT ]] \
+ && [[ $CLUSTER_STATE == "Synced" ]]
+ then
+ echo "The cluster has $CLUSTER_NO members and $CLUSTER_STATE state."
+ break
+ fi
+done
+
+echo "The cluster upgrade is finished now"
diff --git a/kubernetes/common/mariadb-galera/resources/upgrade-scripts.sh b/kubernetes/common/mariadb-galera/resources/upgrade-scripts.sh
new file mode 100644
index 0000000000..ff44606e23
--- /dev/null
+++ b/kubernetes/common/mariadb-galera/resources/upgrade-scripts.sh
@@ -0,0 +1,101 @@
+#!/bin/bash
+MYSQL_USER=$(kubectl exec -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }}-0 -- printenv MYSQL_USER)
+
+MYSQL_PASSWORD=$(kubectl exec -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }}-0 -- printenv MYSQL_PASSWORD)
+
+MYSQL_ROOT_PASSWORD=$(kubectl exec -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }}-0 -- printenv MYSQL_ROOT_PASSWORD)
+
+kubectl create secret generic \
+ '{{ include "common.fullname" . }}'-temp-upgrade-root \
+ --from-literal=password=$MYSQL_ROOT_PASSWORD
+
+kubectl create secret generic \
+ '{{ include "common.fullname" . }}'-temp-upgrade-usercred \
+ --from-literal=login=$MYSQL_USER --from-literal=password=$MYSQL_PASSWORD
+
+kubectl create -f /upgrade/create-deployment.yml
+
+TEMP_POD=$(kubectl get pod -n $NAMESPACE_ENV --selector \
+ app='{{ include "common.fullname" . }}' -o \
+ jsonpath='{.items[?(@.metadata.ownerReferences[].kind=="ReplicaSet")].metadata.name}')
+
+CLUSTER_NO=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- \
+ mysql --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_cluster_size';" | \
+ awk '{print $2}')
+
+CLUSTER_STATE=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- \
+ mysql --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment';" \
+ | awk '{print $2}')
+
+STS_REPLICA=$(kubectl get statefulsets -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }} -o jsonpath='{.status.replicas}')
+
+DEPLOYMENT_REPLICA=$(kubectl get deployment -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }}-upgrade-deployment -o \
+ jsonpath='{.status.replicas}')
+
+while [[ ! $CLUSTER_NO == $((STS_REPLICA+DEPLOYMENT_REPLICA)) ]] \
+ || [[ ! $CLUSTER_STATE == "Synced" ]]
+do
+ echo "$CLUSTER_NO and $CLUSTER_STATE"
+ CLUSTER_NO=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysql \
+ --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_cluster_size';" \
+ | awk '{print $2}')
+ CLUSTER_STATE=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysql \
+ --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment';" \
+ | awk '{print $2}')
+ sleep 2
+ if [[ $CLUSTER_NO == $((STS_REPLICA+DEPLOYMENT_REPLICA)) ]] \
+ && [[ $CLUSTER_STATE == "Synced" ]]
+ then
+ echo "The cluster has $CLUSTER_NO members and $CLUSTER_STATE state."
+ break
+ fi
+done
+
+MYSQL_STATUS=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysqladmin \
+ -uroot -p$MYSQL_ROOT_PASSWORD ping)
+
+while [[ ! $MYSQL_STATUS == "mysqld is alive" ]]
+do
+ echo "Mariadb deployment is not ready yet."
+ sleep 2
+ MYSQL_STATUS=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysqladmin \
+ -uroot -p$MYSQL_ROOT_PASSWORD ping)
+ if [[ $MYSQL_STATUS == "mysqld is alive" ]]
+ then
+ echo "Mariadb deployment is ready."
+ break
+ fi
+done
+
+kubectl scale statefulsets {{ include "common.fullname" . }} --replicas=0
+MY_REPLICA_NUMBER=$(kubectl get statefulsets -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }} -o jsonpath='{.status.replicas}')
+echo "The the cluster has $MY_REPLICA_NUMBER replicas."
+
+while [[ ! $MY_REPLICA_NUMBER == "0" ]]
+do
+ echo "The cluster is not scaled to 0 yet. Please wait ..."
+ MY_REPLICA_NUMBER=$(kubectl get statefulsets -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }} -o jsonpath='{.status.replicas}')
+ echo "The current status of the cluster is $MY_REPLICA_NUMBER"
+ sleep 2
+ if [[ $MY_REPLICA_NUMBER == "0" ]]
+ then
+ break
+ fi
+done
+
+for (( index=0; index<$STS_REPLICA; index+=1 ))
+do
+ kubectl delete pvc \
+ "{{ include "common.fullname" . }}-data-{{ include "common.fullname" . }}-$index"
+done
diff --git a/kubernetes/common/mariadb-galera/templates/configmap.yaml b/kubernetes/common/mariadb-galera/templates/configmap.yaml
index a7064d7ce4..685901fa95 100644
--- a/kubernetes/common/mariadb-galera/templates/configmap.yaml
+++ b/kubernetes/common/mariadb-galera/templates/configmap.yaml
@@ -1,6 +1,6 @@
{{/*
# Copyright © 2018 Amdocs, Bell Canada
-# Copyright © 2020 Samsung Electronics
+# Copyright © 2020 Samsung Electronics, and TATA Communications
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,7 +14,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
{{- if .Values.externalConfig }}
apiVersion: v1
kind: ConfigMap
@@ -43,3 +42,37 @@ metadata:
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-upgrade-deployment
+ annotations:
+ "helm.sh/hook": "pre-upgrade"
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": hook-succeeded
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-post-upgrade-deployment
+ annotations:
+ "helm.sh/hook": "post-upgrade"
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": hook-succeeded
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/post-upgrade-script.sh").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/mariadb-galera/templates/job.yaml b/kubernetes/common/mariadb-galera/templates/job.yaml
new file mode 100644
index 0000000000..db56f3e046
--- /dev/null
+++ b/kubernetes/common/mariadb-galera/templates/job.yaml
@@ -0,0 +1,109 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-pre-upgrade
+ annotations:
+ "helm.sh/hook": "pre-upgrade"
+ "helm.sh/hook-weight": "1"
+ "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+ template:
+ spec:
+ securityContext:
+ fsGroup: 1001
+ runAsUser: 1001
+ containers:
+ - name: mariadb-job-pre-upgrade
+ image: {{ .Values.global.kubectlImage}}
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: NAMESPACE_ENV
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ command: ["/bin/bash", "-c", "--"]
+ args: ["/upgrade/upgrade-scripts.sh"]
+ volumeMounts:
+ - name: config-mariadb-upgrade
+ mountPath: /upgrade
+ volumes:
+ - name: config-mariadb-upgrade
+ configMap:
+ name: {{ include "common.fullname" . }}-upgrade-deployment
+ defaultMode: 0777
+ restartPolicy: OnFailure
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-post-upgrade
+ annotations:
+ "helm.sh/hook": "post-upgrade"
+ "helm.sh/hook-weight": "1"
+ "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+ template:
+ spec:
+ securityContext:
+ fsGroup: 1001
+ runAsUser: 0
+ initContainers:
+ - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ name: mariadb-galera-upgrade-readiness
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - mariadb-galera
+ containers:
+ - name: mariadb-job-post-upgrade
+ image: {{ .Values.global.kubectlImage}}
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: NAMESPACE_ENV
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: REPLICA_COUNT
+ value: "{{ .Values.replicaCount }}"
+ command: ["/bin/bash", "-c", "--"]
+ args: ["/upgrade/post-upgrade-script.sh"]
+ volumeMounts:
+ - name: config-mariadb-upgrade
+ mountPath: /upgrade
+ volumes:
+ - name: config-mariadb-upgrade
+ configMap:
+ name: {{ include "common.fullname" . }}-post-upgrade-deployment
+ defaultMode: 0777
+ restartPolicy: OnFailure
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-post-delete
+ annotations:
+ "helm.sh/hook": "post-delete"
+ "helm.sh/hook-weight": "1"
+ "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+ template:
+ spec:
+ containers:
+ - name: mariadb-job-post-delete
+ image: {{ .Values.global.kubectlImage}}
+ imagePullPolicy: IfNotPresent
+ command: ["/bin/bash", "-c", "--"]
+ args:
+ - for ((index=0;index<{{ $.Values.replicaCount }};index+=1));
+ do kubectl delete pvc "{{ include "common.fullname" . }}-data-{{ include "common.fullname" . }}-$index";
+ done; kubectl delete deployment {{ include "common.fullname" . }}-upgrade-deployment;
+ restartPolicy: OnFailure
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index af08ea3d58..4ccb0e5c6e 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -42,7 +42,10 @@ global:
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.2
-
+ busyboxImage: busybox:1.30
+ busyboxRepository: docker.io
+ # kubeclt image
+ kubectlImage: "bitnami/kubectl:1.15"
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh
index b2fdb14b12..40254d469b 100755
--- a/kubernetes/common/mariadb-init/resources/config/db_init.sh
+++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh
@@ -14,11 +14,14 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+# make sure the script fails if any of commands failed
+set -e
+
while read DB ; do
USER_VAR="MYSQL_USER_${DB^^}"
PASS_VAR="MYSQL_PASSWORD_${DB^^}"
USER=${!USER_VAR}
- PASS=${!PASS_VAR}
+ PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"`
MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} )
echo "Creating database ${DB} and user ${USER}..."
diff --git a/kubernetes/common/mongo/templates/statefulset.yaml b/kubernetes/common/mongo/templates/statefulset.yaml
index ae373343d3..111bc80586 100644
--- a/kubernetes/common/mongo/templates/statefulset.yaml
+++ b/kubernetes/common/mongo/templates/statefulset.yaml
@@ -14,7 +14,7 @@
# limitations under the License.
*/}}
-apiVersion: apps/v1beta1
+apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "common.fullname" . }}
@@ -27,6 +27,9 @@ metadata:
spec:
serviceName: {{ .Values.service.name }}
replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
template:
metadata:
labels:
diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml
index 58866495db..fbdac61a9e 100644
--- a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml
+++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml
@@ -15,7 +15,7 @@
*/}}
-apiVersion: apps/v1beta1
+apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "common.fullname" . }}
@@ -39,6 +39,9 @@ spec:
topologyKey: kubernetes.io/hostname
serviceName: {{ include "common.servicename" . }}
replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
podManagementPolicy: {{ .Values.podManagementPolicy }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml
index b9550c7666..87dd622c35 100644
--- a/kubernetes/common/network-name-gen/templates/deployment.yaml
+++ b/kubernetes/common/network-name-gen/templates/deployment.yaml
@@ -14,7 +14,7 @@
# limitations under the License.
*/}}
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.fullname" . }}
@@ -26,6 +26,9 @@ metadata:
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
template:
metadata:
labels:
diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl
index b1aae5f50d..456aa32bc0 100644
--- a/kubernetes/common/postgres/templates/_deployment.tpl
+++ b/kubernetes/common/postgres/templates/_deployment.tpl
@@ -18,7 +18,7 @@
{{- define "common.postgres.deployment" -}}
{{- $dot := .dot }}
{{- $pgMode := .pgMode }}
-apiVersion: apps/v1beta1
+apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.fullname" $dot }}-{{ $pgMode }}
@@ -32,6 +32,9 @@ metadata:
spec:
serviceName: {{ $dot.Values.service.name }}
replicas: 1
+ selector:
+ matchLabels:
+ app: {{ include "common.name" $dot }}-{{ $pgMode }}
template:
metadata:
labels:
diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
index 5c70e78735..1bdea6bb27 100644
--- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
+++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
@@ -40,8 +40,8 @@
{{- $dot := default . .dot -}}
{{- $initRoot := default $dot.Values.readinessCheck .initRoot -}}
{{/* Our version of helm doesn't support deepCopy so we need this nasty trick */}}
-{{- $subchartDot := include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot) }}
-{{- $wait_for := default $dot.Values.wait_for .wait_for -}}
+{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
+{{- $wait_for := default $initRoot.wait_for .wait_for -}}
- name: {{ include "common.name" $dot }}-{{ $wait_for.name }}-readiness
image: "{{ $subchartDot.Values.global.readinessRepository }}/{{ $subchartDot.Values.global.readinessImage }}"
imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
diff --git a/kubernetes/common/serviceAccount/Chart.yaml b/kubernetes/common/serviceAccount/Chart.yaml
new file mode 100644
index 0000000000..9e838af3a7
--- /dev/null
+++ b/kubernetes/common/serviceAccount/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Template used to create the right Service Accounts / Role / RoleBinding
+name: serviceAccount
+version: 6.0.0
diff --git a/kubernetes/common/serviceAccount/requirements.yaml b/kubernetes/common/serviceAccount/requirements.yaml
new file mode 100644
index 0000000000..237f1d1354
--- /dev/null
+++ b/kubernetes/common/serviceAccount/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: 'file://../common'
diff --git a/kubernetes/common/serviceAccount/templates/role-binding.yaml b/kubernetes/common/serviceAccount/templates/role-binding.yaml
new file mode 100644
index 0000000000..2082f8466b
--- /dev/null
+++ b/kubernetes/common/serviceAccount/templates/role-binding.yaml
@@ -0,0 +1,33 @@
+{{/*
+# Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- $dot := . -}}
+{{- range $role_type := $dot.Values.roles }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+# This cluster role binding allows anyone in the "manager" group to read secrets in any namespace.
+kind: RoleBinding
+metadata:
+ name: {{ include "common.fullname" (dict "suffix" $role_type "dot" $dot )}}
+ namespace: {{ include "common.namespace" $dot }}
+subjects:
+- kind: ServiceAccount
+ name: {{ include "common.fullname" (dict "suffix" $role_type "dot" $dot )}}
+roleRef:
+ kind: Role
+ name: {{ include "common.fullname" (dict "suffix" $role_type "dot" $dot )}}
+ apiGroup: rbac.authorization.k8s.io
+{{- end }}
diff --git a/kubernetes/common/serviceAccount/templates/role.yaml b/kubernetes/common/serviceAccount/templates/role.yaml
new file mode 100644
index 0000000000..73f45b5fce
--- /dev/null
+++ b/kubernetes/common/serviceAccount/templates/role.yaml
@@ -0,0 +1,105 @@
+{{/*
+# Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- $dot := . -}}
+{{- range $role_type := $dot.Values.roles }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: {{ include "common.fullname" (dict "suffix" $role_type "dot" $dot )}}
+ namespace: {{ include "common.namespace" $dot }}
+rules:
+{{- if eq $role_type "read" }}
+- apiGroups:
+ - "" # "" indicates the core API group
+ - apps
+ - batch
+ resources:
+ - pods
+ - deployments
+ - jobs
+ - jobs/status
+ - statefulsets
+ - replicasets
+ - daemonsets
+ verbs:
+ - get
+ - watch
+ - list
+{{- else }}
+{{- if eq $role_type "create" }}
+- apiGroups:
+ - "" # "" indicates the core API group
+ - apps
+ - batch
+ resources:
+ - pods
+ - deployments
+ - jobs
+ - jobs/status
+ - statefulsets
+ - replicasets
+ - daemonsets
+ - secrets
+ verbs:
+ - get
+ - watch
+ - list
+- apiGroups:
+ - "" # "" indicates the core API group
+ - apps
+ resources:
+ - statefulsets
+ verbs:
+ - patch
+- apiGroups:
+ - "" # "" indicates the core API group
+ - apps
+ resources:
+ - deployments
+ - secrets
+ verbs:
+ - create
+- apiGroups:
+ - "" # "" indicates the core API group
+ - apps
+ resources:
+ - pods
+ - persistentvolumeclaims
+ - secrets
+ - deployment
+ verbs:
+ - delete
+- apiGroups:
+ - "" # "" indicates the core API group
+ - apps
+ resources:
+ - pods/exec
+ verbs:
+ - create
+{{- else }}
+{{- if hasKey $dot.Values.new_roles_definitions $role_type }}
+{{ include "common.tplValue" ( dict "value" (index $dot.Values.new_roles_definitions $role_type ) "context" $dot) }}
+{{- else}}
+# if you don't match read or create, then you're not allowed to use API
+- apiGroups: []
+ resources: []
+ verbs: []
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/kubernetes/common/serviceAccount/templates/service-account.yaml b/kubernetes/common/serviceAccount/templates/service-account.yaml
new file mode 100644
index 0000000000..449bea684c
--- /dev/null
+++ b/kubernetes/common/serviceAccount/templates/service-account.yaml
@@ -0,0 +1,24 @@
+{{/*
+# Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- $dot := . -}}
+{{- range $role_type := $dot.Values.roles }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "common.fullname" (dict "suffix" $role_type "dot" $dot )}}
+{{- end }}
diff --git a/kubernetes/common/serviceAccount/values.yaml b/kubernetes/common/serviceAccount/values.yaml
new file mode 100644
index 0000000000..afa819421c
--- /dev/null
+++ b/kubernetes/common/serviceAccount/values.yaml
@@ -0,0 +1,29 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+roles:
+ - nothing
+# - read
+# - create
+
+new_roles_definitions: {}
+# few-read:
+# - apiGroups:
+# - ""
+# resources:
+# - "pods"
+# verbs:
+# - "get"
+# - "watch"
+# - "list"
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml
index 9009f6b114..13657bd012 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml
@@ -74,7 +74,6 @@ spec:
- dcae-inventory-api
- "-t"
- "15"
-
env:
- name: NAMESPACE
valueFrom:
@@ -96,6 +95,15 @@ spec:
volumeMounts:
- mountPath: /opt/app/osaaf
name: tls-info
+ - name: init-consul
+ image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --service
+ - "config-binding-service|config-binding-service.{{ include "common.namespace" . }}|10000"
+ - --service
+ - "config_binding_service|config-binding-service.{{ include "common.namespace" . }}|10000"
+ resources: {}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index a9cac8beac..bc409a549c 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -107,7 +107,7 @@ mongo:
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.12.6
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.0.0
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml
index 8a03e90333..a21eabc24b 100644
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml
@@ -41,6 +41,22 @@ spec:
hostnames:
- "dcae-cloudify-manager"
initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - aaf-cm
+ - "-t"
+ - "15"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
- name: {{ include "common.name" . }}-multisite-init
image: {{ include "common.repository" . }}/{{ .Values.multisiteInitImage }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
index d2bda88577..b7ea4c9e6f 100644
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
@@ -46,7 +46,7 @@ config:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.cm-container:2.1.0
+image: onap/org.onap.dcaegen2.deployments.cm-container:3.0.0
pullPolicy: Always
# name of shared ConfigMap with kubeconfig for multiple clusters
diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml
index fe681ca566..596a3988c2 100644
--- a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml
@@ -42,6 +42,8 @@ spec:
args:
- --container-name
- consul-server
+ - --container-name
+ - aaf-cm
- "-t"
- "15"
env:
diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml
index 555d7ee28a..4d3e3c326c 100644
--- a/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-healthcheck/templates/deployment.yaml
@@ -1,6 +1,6 @@
#============LICENSE_START========================================================
# ================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -56,6 +56,10 @@ spec:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /opt/app/expected-components.json
+ subPath: expected-components.json
+ name: {{ include "common.fullname" .}}-expected-components
env:
- name: DCAE_NAMESPACE
value: {{ .Values.dcae_ns }}
@@ -63,5 +67,11 @@ spec:
value: {{ include "common.namespace" . }}
- name: HELM_RELEASE
value: {{ include "common.release" . }}
+ - name: DEPLOY_LABEL
+ value: cfydeployment
+ volumes:
+ - name: {{ include "common.fullname" . }}-expected-components
+ configMap:
+ name: {{ include "common.release" . }}-dcae-expected-components
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml
index cbde9a157b..ca9486f715 100644
--- a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml
@@ -45,7 +45,7 @@ readiness:
periodSeconds: 10
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.3.1
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.0.0
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml
index bf49157762..47b3312726 100644
--- a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml
@@ -61,6 +61,8 @@ spec:
args:
- --container-name
- {{ .Values.postgres.nameOverride }}
+ - --container-name
+ - aaf-cm
- "-t"
- "15"
env:
diff --git a/kubernetes/dcaegen2/resources/expected-components.json b/kubernetes/dcaegen2/resources/expected-components.json
new file mode 100644
index 0000000000..fd3d04fcb8
--- /dev/null
+++ b/kubernetes/dcaegen2/resources/expected-components.json
@@ -0,0 +1,10 @@
+[
+{{- $ctx := . }}
+{{- $components := tuple "dcae-cloudify-manager" "dcae-config-binding-service" "dcae-dashboard" "dcae-deployment-handler" "dcae-inventory-api" "dcae-policy-handler" "dcae-redis" "dcae-servicechange-handler" }}
+{{- range $i, $v := $components }}
+{{- if index $ctx.Values . "enabled" }}
+{{- if $i }},{{ end }}
+{{ $v | quote | indent 2 }}
+{{- end -}}
+{{- end }}
+] \ No newline at end of file
diff --git a/kubernetes/dcaegen2/templates/configmap.yaml b/kubernetes/dcaegen2/templates/configmap.yaml
new file mode 100644
index 0000000000..b315443c70
--- /dev/null
+++ b/kubernetes/dcaegen2/templates/configmap.yaml
@@ -0,0 +1,24 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.release" . }}-dcae-expected-components
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml
index aff40d4a6a..c66a786537 100644
--- a/kubernetes/dcaegen2/values.yaml
+++ b/kubernetes/dcaegen2/values.yaml
@@ -26,3 +26,25 @@ global:
busyboxImage: library/busybox:1.30
redis:
replicaCount: 6
+
+# Enable all DCAE components except redis by default
+dcae-bootstrap:
+ enabled: true
+dcae-cloudify-manager:
+ enabled: true
+dcae-config-binding-service:
+ enabled: true
+dcae-dashboard:
+ enabled: true
+dcae-deployment-handler:
+ enabled: true
+dcae-healthcheck:
+ enabled: true
+dcae-inventory-api:
+ enabled: true
+dcae-policy-handler:
+ enabled: true
+dcae-redis:
+ enabled: false
+dcae-servicechange-handler:
+ enabled: true \ No newline at end of file
diff --git a/kubernetes/dcaemod/Makefile b/kubernetes/dcaemod/Makefile
index b1e5a7355e..b7cf1a6963 100644
--- a/kubernetes/dcaemod/Makefile
+++ b/kubernetes/dcaemod/Makefile
@@ -11,7 +11,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-make-dcaemod: make-dcaemod-distributor-api make-dcaemod-genprocessor make-dcaemod-designtool make-dcaemod-onboarding-api make-dcaemod-runtime-api make-dcaemod-nifi-registry
+make-dcaemod: make-dcaemod-distributor-api make-dcaemod-genprocessor make-dcaemod-designtool make-dcaemod-onboarding-api make-dcaemod-runtime-api make-dcaemod-nifi-registry make-dcaemod-healthcheck
make-dcaemod-distributor-api:
cd components && helm dep up dcaemod-genprocessor && helm lint dcaemod-genprocessor
@@ -31,6 +31,9 @@ make-dcaemod-runtime-api:
make-dcaemod-nifi-registry:
cd components && helm dep up dcaemod-nifi-registry && helm lint dcaemod-nifi-registry
+make-dcaemod-healthcheck:
+ cd components && helm dep up dcaemod-healthcheck && helm lint dcaemod-healthcheck
+
clean:
@find . -type f -name '*.tgz' -delete
@find . -type f -name '*.lock' -delete
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml
new file mode 100644
index 0000000000..00b0117115
--- /dev/null
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml
@@ -0,0 +1,22 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE MOD Health Check
+name: dcaemod-healthcheck
+version: 6.0.0
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/requirements.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/requirements.yaml
new file mode 100644
index 0000000000..6f858bda03
--- /dev/null
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/requirements.yaml
@@ -0,0 +1,22 @@
+#============LICENSE_START========================================================
+#=================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/deployment.yaml
new file mode 100644
index 0000000000..64268abb33
--- /dev/null
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/deployment.yaml
@@ -0,0 +1,64 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ replicas: 1
+ template:
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports: {{ include "common.containerPorts" . | nindent 10 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ ( index .Values.service.ports 0).port }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ ( index .Values.service.ports 0).port }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /opt/app/expected-components.json
+ subPath: expected-components.json
+ name: {{ include "common.fullname" .}}-expected-components
+ env:
+ - name: DCAE_NAMESPACE
+ value: {{ .Values.dcae_ns }}
+ - name: ONAP_NAMESPACE
+ value: {{ include "common.namespace" . }}
+ - name: HELM_RELEASE
+ value: {{ include "common.release" . }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-expected-components
+ configMap:
+ name: {{ include "common.release" . }}-dcaemod-expected-components
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/service.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/service.yaml
new file mode 100644
index 0000000000..30eda2cfe8
--- /dev/null
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/service.yaml
@@ -0,0 +1,18 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+{{ include "common.service" . }} \ No newline at end of file
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
new file mode 100644
index 0000000000..fae177ca38
--- /dev/null
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
@@ -0,0 +1,69 @@
+#============LICENSE_START========================================================
+#=================================================================================
+# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+service:
+ name: dcaemod-healthcheck
+ type: ClusterIP
+ ports:
+ - name: http
+ port: 8080
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.0.0
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+
+
diff --git a/kubernetes/dcaemod/requirements.yaml b/kubernetes/dcaemod/requirements.yaml
index 830eac3b5a..98a563f535 100644
--- a/kubernetes/dcaemod/requirements.yaml
+++ b/kubernetes/dcaemod/requirements.yaml
@@ -23,15 +23,24 @@ dependencies:
- name: dcaemod-distributor-api
version: ~6.x-0
repository: 'file://components/dcaemod-distributor-api'
+ condition: dcaemod-distributor-api.enabled
- name: dcaemod-designtool
version: ~6.x-0
repository: 'file://components/dcaemod-designtool'
+ condition: dcaemod-designtool.enabled
- name: dcaemod-onboarding-api
version: ~6.x-0
repository: 'file://components/dcaemod-onboarding-api'
+ condition: dcaemod-onboarding-api.enabled
- name: dcaemod-runtime-api
version: ~6.x-0
repository: 'file://components/dcaemod-runtime-api'
+ condition: dcaemod-runtime-api.enabled
- name: dcaemod-nifi-registry
version: ~6.x-0
- repository: 'file://components/dcaemod-nifi-registry' \ No newline at end of file
+ repository: 'file://components/dcaemod-nifi-registry'
+ condition: dcaemod-nifi-registry.enabled
+ - name: dcaemod-healthcheck
+ version: ~6.x-0
+ repository: 'file://components/dcaemod-healthcheck'
+ condition: dcaemod-healthcheck.enabled \ No newline at end of file
diff --git a/kubernetes/dcaemod/resources/expected-components.json b/kubernetes/dcaemod/resources/expected-components.json
new file mode 100644
index 0000000000..7fd644c3f8
--- /dev/null
+++ b/kubernetes/dcaemod/resources/expected-components.json
@@ -0,0 +1,10 @@
+[
+{{- $ctx := . }}
+{{- $components := tuple "dcaemod-designtool" "dcaemod-distributor-api" "dcaemod-genprocessor" "dcaemod-nifi-registry" "dcaemod-onboarding-api" "dcaemod-runtime-api" }}
+{{- range $i, $v := $components }}
+{{- if index $ctx.Values . "enabled" }}
+{{- if $i }},{{ end }}
+{{ $v | quote | indent 2 }}
+{{- end -}}
+{{- end }}
+] \ No newline at end of file
diff --git a/kubernetes/dcaemod/templates/configmap.yaml b/kubernetes/dcaemod/templates/configmap.yaml
new file mode 100644
index 0000000000..9748319c9a
--- /dev/null
+++ b/kubernetes/dcaemod/templates/configmap.yaml
@@ -0,0 +1,24 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.release" . }}-dcaemod-expected-components
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }} \ No newline at end of file
diff --git a/kubernetes/dcaemod/values.yaml b/kubernetes/dcaemod/values.yaml
new file mode 100644
index 0000000000..6c1dff5b3d
--- /dev/null
+++ b/kubernetes/dcaemod/values.yaml
@@ -0,0 +1,39 @@
+# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+ busyboxRepository: docker.io
+ busyboxImage: library/busybox:1.30
+
+# Enable all DCAE MOD components by default
+dcaemod-designtool:
+ enabled: true
+dcaemod-distributor-api:
+ enabled: true
+dcaemod-genprocessor:
+ enabled: true
+dcaemod-healthcheck:
+ enabled: true
+dcaemod-nifi-registry:
+ enabled: true
+dcaemod-onboarding-api:
+ enabled: true
+dcaemod-runtime-api:
+ enabled: true \ No newline at end of file
diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml
index 5b22f06aa8..cde35af14c 100644
--- a/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/dmaap-provisioning-job.yaml
@@ -52,11 +52,11 @@ spec:
- name: {{ include "common.fullname" . }}-dbc-dcaelocations
mountPath: /opt/app/config/dcaeLocations/
- name: {{ include "common.fullname" . }}-dr-nodes
- mountPath: /opt/app/config/dr-nodes/
+ mountPath: /opt/app/config/dr_nodes/
- name: {{ include "common.fullname" . }}-feeds
mountPath: /opt/app/config/feeds/
- name: {{ include "common.fullname" . }}-mr-clusters
- mountPath: /opt/app/config/mr-clusters/
+ mountPath: /opt/app/config/mr_clusters/
- name: {{ include "common.fullname" . }}-topics
mountPath: /opt/app/config/topics/
resources: {{ include "common.resources" . | nindent 10 }}
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml
index 94b026fab7..a873762295 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml
@@ -25,4 +25,7 @@ dependencies:
- name: mariadb-galera
alias: mariadb
version: ~6.x-0
- repository: '@local' \ No newline at end of file
+ repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
index adbdb688c2..8db6edba1e 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
@@ -46,61 +46,15 @@ spec:
apiVersion: v1
fieldPath: metadata.namespace
{{- if .Values.global.aafEnabled }}
- - name: {{ include "common.name" . }}-aaf-readiness
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /root/ready.py
- args:
- - --container-name
- - aaf-locate
- - --container-name
- - aaf-cm
- - --container-name
- - aaf-service
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: {{ include "common.name" . }}-dr-prov-aaf-config
- image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
- volumeMounts:
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.fullname" . }}-aaf-config-vol
- env:
- - name: APP_FQI
- value: "{{ .Values.aafConfig.fqi }}"
- - name: aaf_locate_url
- value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
- - name: aaf_locator_container
- value: "{{ .Values.global.aafLocatorContainer }}"
- - name: aaf_locator_container_ns
- value: "{{ .Release.Namespace }}"
- - name: aaf_locator_fqdn
- value: "{{ .Values.aafConfig.fqdn }}"
- - name: aaf_locator_public_fqdn
- value: "{{.Values.aafConfig.publicFqdn}}"
- - name: aaf_locator_app_ns
- value: "{{ .Values.global.aafAppNs }}"
- - name: DEPLOY_FQI
- value: "{{ .Values.aafConfig.aafDeployFqi }}"
- - name: DEPLOY_PASSWORD
- value: "{{ .Values.aafConfig.aafDeployPass }}"
- - name: cadi_longitude
- value: "{{ .Values.aafConfig.cadiLongitude }}"
- - name: cadi_latitude
- value: "{{ .Values.aafConfig.cadiLatitude }}"
+
+ {{ include "common.certInitializer.initContainer" . | nindent 8 }}
+
- name: {{ include "common.name" . }}-permission-fixer
image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.fullname" . }}-aaf-config-vol
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
command: ["chown","-Rf","1000:1001", "/opt/app/"]
+
{{ end }}
containers:
- name: {{ include "common.name" . }}
@@ -125,11 +79,7 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-dr-db-user-secret" "key" "login") | indent 12 }}
- name: DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-dr-db-user-secret" "key" "password") | indent 12 }}
- volumeMounts:
- {{- if .Values.global.aafEnabled }}
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.fullname" . }}-aaf-config-vol
- {{- end }}
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: false
@@ -163,7 +113,7 @@ spec:
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap/datarouter-prov
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
@@ -183,14 +133,5 @@ spec:
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- {{- if .Values.global.aafEnabled }}
- - name: {{ include "common.fullname" . }}-aaf-config-vol
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-aaf-props
- {{- else }}
- emptyDir: {}
- {{- end }}
- {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml
deleted file mode 100644
index 1a09a81a0e..0000000000
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/*
- # ============LICENSE_START=======================================================
- # Copyright (C) 2019 Nordix Foundation.
- # ================================================================================
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # SPDX-License-Identifier: Apache-2.0
- # ============LICENSE_END=========================================================
-*/}}
-{{- if .Values.global.aafEnabled }}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-aaf-props
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-aaf-props
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-aaf-props
-spec:
- capacity:
- storage: {{ .Values.persistence.aafCredsSize}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.aafCredsMountSubPath }}
-{{ end -}}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml
deleted file mode 100644
index c6ac7497b5..0000000000
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-{{/*
- # ============LICENSE_START=======================================================
- # Copyright (C) 2019 Nordix Foundation.
- # ================================================================================
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # SPDX-License-Identifier: Apache-2.0
- # ============LICENSE_END=========================================================
-*/}}
-{{- if .Values.global.aafEnabled }}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-aaf-props
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.aafCredsSize }}
-{{ end -}}
-{{ end -}}
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
index 3fb90f0533..1cf2e583d1 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
@@ -25,7 +25,7 @@ global:
#################################################################
secrets:
- uid: dmaap-dr-db-user-secret
- name: '{{ include "common.release" . }}-dmaap-dr-db-user-secret'
+ name: &dbSecretName '{{ include "common.release" . }}-dmaap-dr-db-user-secret'
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.config.dmaapDrDb.userCredentialsExternalSecret) . }}'
login: '{{ .Values.config.dmaapDrDb.userName }}'
@@ -69,10 +69,6 @@ persistence:
accessMode: ReadWriteOnce
mountPath: /dockerdata-nfs
- aafCredsMountSubPath: data-router/dr-prov/aaf-props
- aafCredsSize: 10M
- aafCredsPath: /opt/app/osaaf/local
-
ingress:
enabled: false
service:
@@ -111,7 +107,7 @@ mariadb:
nameOverride: dmaap-dr-db
replicaCount: 2
config:
- userCredentialsExternalSecret: '{{ include "common.release" . }}-dmaap-dr-db-user-secret'
+ userCredentialsExternalSecret: *dbSecretName
mysqlDatabase: datarouter
service:
name: dmaap-dr-db-svc
@@ -121,15 +117,22 @@ mariadb:
size: 1Gi
mountSubPath: data-router/dr-db-data
-#AAF local config
-aafConfig:
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: dmaap-dr-prov-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
+# aafDeployCredsExternalSecret: some secret
fqdn: dmaap-dr-prov
fqi: dmaap-dr-prov@dmaap-dr.onap.org
publicFqdn: dmaap-dr.onap.org
cadiLatitude: 0.0
cadiLongitude: 0.0
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml
index 65588b5f39..874d498284 100644
--- a/kubernetes/onap/Chart.yaml
+++ b/kubernetes/onap/Chart.yaml
@@ -15,7 +15,7 @@
apiVersion: v1
name: onap
version: 6.0.0
-appVersion: El Alto
+appVersion: Frankfurt
description: Open Network Automation Platform (ONAP)
home: https://www.onap.org/
sources:
diff --git a/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml b/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml
new file mode 100644
index 0000000000..da00f61e2f
--- /dev/null
+++ b/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml
@@ -0,0 +1,47 @@
+# Copyright © 2020 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+#
+# These overrides will affect all helm charts (ie. applications)
+# that are listed below and are 'enabled'.
+#
+#
+# This is specifically for the environments which take time to
+# deploy ONAP. This increase in timeouts prevents false restarting of
+# the pods during startup configuration.
+#
+# These timers have been tuned by the ONAP integration team. They
+# have been tested and validated in the ONAP integration lab (Intel/Windriver lab).
+# They are however indicative and may be adapted to your environment as they
+# depend on the performance of the infrastructure you are installing ONAP on.
+#
+# Please note that these timers must remain reasonable, in other words, if
+# your infrastructure is not performant enough, extending the timers to very
+# large value may not fix all installation issues on over subscribed hardware.
+#
+#################################################################
+global:
+ cmpv2Enabled: true
+ aaf:
+ certServiceClient:
+ envVariables:
+ # Certificate related
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2State: "California"
+ cmpv2Country: "US"
+ # Client configuration related
+ caName: "RA"
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 973613b464..8a94369d39 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -50,7 +50,7 @@ global:
# readiness check - temporary repo until images migrated to nexus3
readinessRepository: oomk8s
- readinessImage: readiness-check:2.2.1
+ readinessImage: readiness-check:2.2.2
# curl image
curlImage: curlimages/curl:7.69.1
@@ -58,6 +58,16 @@ global:
# logging agent - temporary repo until images migrated to nexus3
loggingRepository: docker.elastic.co
+ # dockerHub main repository
+ dockerHubRepository: docker.io
+
+ # busybox repo and image
+ busyboxRepository: docker.io
+ busyboxImage: busybox:1.30
+
+ # kubeclt image
+ kubectlImage: "bitnami/kubectl:1.15"
+
# image pull policy
pullPolicy: Always
@@ -101,6 +111,28 @@ global:
# Enabling CMPv2
cmpv2Enabled: true
+ aaf:
+ certServiceClient:
+ image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.1.0
+ secret:
+ name: aaf-cert-service-client-tls-secret
+ mountPath: /etc/onap/aaf/certservice/certs/
+ envVariables:
+ # Certificate related
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2State: "California"
+ cmpv2Country: "US"
+ # Client configuration related
+ caName: "RA"
+ requestURL: "https://aaf-cert-service:8443/v1/certificate/"
+ outputType: "P12"
+ requestTimeout: "20000"
+ keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks"
+ keystorePassword: "secret"
+ truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks"
+ truststorePassword: "secret"
# TLS
# Set to false if you want to disable TLS for NodePorts. Be aware that this
diff --git a/kubernetes/portal/components/portal-sdk/requirements.yaml b/kubernetes/portal/components/portal-sdk/requirements.yaml
index c5d7864b9d..00b92235f3 100644
--- a/kubernetes/portal/components/portal-sdk/requirements.yaml
+++ b/kubernetes/portal/components/portal-sdk/requirements.yaml
@@ -16,3 +16,6 @@ dependencies:
- name: common
version: ~6.x-0
repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/portal/components/portal-sdk/resources/server/server.xml b/kubernetes/portal/components/portal-sdk/resources/server/server.xml
index dffcfbe419..1cea5ab8f8 100644
--- a/kubernetes/portal/components/portal-sdk/resources/server/server.xml
+++ b/kubernetes/portal/components/portal-sdk/resources/server/server.xml
@@ -94,7 +94,7 @@
{{ if .Values.global.aafEnabled }}
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- keystoreFile="{{.Values.aafConfig.credsPath}}/{{.Values.aafConfig.keystoreFile}}"
+ keystoreFile="{{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.keystoreFile}}"
keystorePass="${javax.net.ssl.keyStorePassword}"
clientAuth="false" sslProtocol="TLS" />
{{ end }}
@@ -152,4 +152,4 @@
</Host>
</Engine>
</Service>
-</Server> \ No newline at end of file
+</Server>
diff --git a/kubernetes/portal/components/portal-sdk/templates/configmap.yaml b/kubernetes/portal/components/portal-sdk/templates/configmap.yaml
index 1dbdeedd5a..5ad9910c56 100644
--- a/kubernetes/portal/components/portal-sdk/templates/configmap.yaml
+++ b/kubernetes/portal/components/portal-sdk/templates/configmap.yaml
@@ -26,17 +26,3 @@ metadata:
data:
{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTALSDK/*").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
-
-{{ if .Values.global.aafEnabled }}
-{{- if .Values.aafConfig.addconfig -}}
----
-apiVersion: v1
-kind: ConfigMap
-{{- $suffix := "aaf-add-config" }}
-metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }}
-data:
- aaf-add-config.sh: |-
- /opt/app/aaf_config/bin/agent.sh;/opt/app/aaf_config/bin/agent.sh local showpass \
- {{.Values.aafConfig.fqi}} {{ .Values.aafConfig.fqdn }} > {{ .Values.aafConfig.credsPath }}/mycreds.prop
-{{- end -}}
-{{- end -}} \ No newline at end of file
diff --git a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
index b78ef34fa1..e7913ba1a5 100644
--- a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
@@ -46,24 +46,22 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- {{- if .Values.global.aafEnabled }}
-{{ include "common.aaf-config" . | indent 6 }}
- {{- end }}
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["bash","-c"]
{{- if .Values.global.aafEnabled }}
- args: ["export $(grep '^c' {{ .Values.aafConfig.credsPath }}/mycreds.prop | xargs -0);\
+ args: ["export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0);\
export _JAVA_OPTIONS=\"-Djavax.net.ssl.trustStorePassword=$cadi_truststore_password \
-Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\
/start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"]
env:
- name: CATALINA_OPTS
value: >
- -Djavax.net.ssl.keyStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.keystoreFile }}"
- -Djavax.net.ssl.trustStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.truststoreFile }}"
+ -Djavax.net.ssl.keyStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}"
+ -Djavax.net.ssl.trustStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}"
{{- else }}
args: ["/start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"]
{{- end }}
@@ -82,9 +80,7 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- {{- if .Values.global.aafEnabled }}
-{{ include "common.aaf-config-volume-mountpath" . | indent 8 }}
- {{- end }}
+{{ include "common.certInitializer.volumeMount" . | indent 8 }}
- name: properties-onapportalsdk
mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml"
subPath: server.xml
@@ -148,8 +144,6 @@ spec:
emptyDir: {}
- name: portal-tomcat-logs
emptyDir: {}
- {{- if .Values.global.aafEnabled }}
-{{ include "common.aaf-config-volumes" . | indent 8 }}
- {{- end }}
+{{ include "common.certInitializer.volumes" . | indent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/portal/components/portal-sdk/values.yaml b/kubernetes/portal/components/portal-sdk/values.yaml
index 2363ec5691..47c0189c40 100644
--- a/kubernetes/portal/components/portal-sdk/values.yaml
+++ b/kubernetes/portal/components/portal-sdk/values.yaml
@@ -27,7 +27,6 @@ global:
persistence: {}
#AAF service
aafEnabled: true
- aafAgentImage: onap/aaf/aaf_agent:2.1.20
#################################################################
# Application configuration defaults.
@@ -40,30 +39,25 @@ pullPolicy: Always
#AAF local config
aafURL: https://aaf-service:8100/authz/
-aafConfig:
+certInitializer:
+ nameOverride: portal-sdk-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
fqdn: portal
fqi: portal@portal.onap.org
- publicFqdn: portal.onap.org
+ public_fqdn: portal.onap.org
cadi_latitude: "38.0"
cadi_longitude: "-72.0"
credsPath: /opt/app/osaaf/local
app_ns: org.osaaf.aaf
permission_user: 1000
permission_group: 999
- addconfig: true
- secret_uid: &aaf_secret_uid portal-sdk-aaf-deploy-creds
keystoreFile: "org.onap.portal.p12"
truststoreFile: "org.onap.portal.trust.jks"
-
-secrets:
- - uid: *aaf_secret_uid
- type: basicAuth
- externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}'
- login: '{{ .Values.aafConfig.aafDeployFqi }}'
- password: '{{ .Values.aafConfig.aafDeployPass }}'
- passwordPolicy: required
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh;
+ /opt/app/aaf_config/bin/agent.sh local showpass \
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
# flag to enable debugging - application support required
debugEnabled: false
diff --git a/kubernetes/robot b/kubernetes/robot
-Subproject 51322d3b374588a051b4a5522fbd25ac92ffb32
+Subproject 7ee95b4c8f667dd0506499db17688473309cd91
diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml
index ac0403b889..efe9cb0cf0 100644
--- a/kubernetes/sdc/charts/sdc-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-be/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-backend:1.6.6
-backendInitImage: onap/sdc-backend-init:1.6.6
+image: onap/sdc-backend:1.6.7
+backendInitImage: onap/sdc-backend-init:1.6.7
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/charts/sdc-cs/values.yaml
index cabf2c19eb..927dd98887 100644
--- a/kubernetes/sdc/charts/sdc-cs/values.yaml
+++ b/kubernetes/sdc/charts/sdc-cs/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.6.6
-cassandraInitImage: onap/sdc-cassandra-init:1.6.6
+image: onap/sdc-cassandra:1.6.7
+cassandraInitImage: onap/sdc-cassandra-init:1.6.7
pullPolicy: Always
diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml
index 98452c23e1..ff1890ca66 100644
--- a/kubernetes/sdc/charts/sdc-fe/values.yaml
+++ b/kubernetes/sdc/charts/sdc-fe/values.yaml
@@ -28,7 +28,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-frontend:1.6.6
+image: onap/sdc-frontend:1.6.7
pullPolicy: Always
config:
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
index f83000f74a..bdd99953bd 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-onboard-backend:1.6.6
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.6.6
+image: onap/sdc-onboard-backend:1.6.7
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.6.7
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
index 05793d4f5b..8bab2c84ea 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-workflow-backend:1.7.0
-configInitImage: onap/sdc-workflow-init:1.7.0
+image: onap/workflow-backend:1.6.4
+configInitImage: onap/workflow-init:1.6.4
pullPolicy: Always
initJob:
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
index aaa7795709..359c33ab61 100644
--- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
@@ -28,7 +28,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-workflow-frontend:1.7.0
+image: onap/workflow-frontend:1.6.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
index 5713b0918e..9fe8232532 100644
--- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml
+++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
@@ -56,7 +56,7 @@ secrets:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.8.3
+image: onap/sdnc-dmaap-listener-image:1.8.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
index 749fe62459..fc93a6ea32 100644
--- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
@@ -56,7 +56,7 @@ secrets:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.8.3
+image: onap/sdnc-ansible-server-image:1.8.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
index 029159d03f..f2ce269505 100644
--- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
@@ -73,7 +73,7 @@ secrets:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.8.3
+image: onap/admportal-sdnc-image:1.8.4
config:
dbFabricDB: mysql
dbFabricUser: admin
diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml
index 2754ab274a..d9baeab11c 100644
--- a/kubernetes/sdnc/charts/ueb-listener/values.yaml
+++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml
@@ -62,7 +62,7 @@ secrets:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.8.3
+image: onap/sdnc-ueb-listener-image:1.8.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg b/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg
index 117a663dd4..a2daef1833 100644
--- a/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg
+++ b/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg
@@ -16,10 +16,10 @@
# limitations under the License.
#
################################################################################
-
-# Common pattern layout for appenders
-log4j2.pattern = %d{ISO8601} | %-5p | %-16t | %-32c{1} | %X{bundle.id} - %X{bundle.name} - %X{bundle.version} | %X{currentGraph} - %X{nodeId} | %m%n
-
+# Properties used as default values in MDC
+log4j2.property.ServiceName = INTERNAL
+log4j2.property.ErrorCode = 900
+log4j2.property.ErrorDesc = UnknownError
# Common properties
maxFileSize=100MB
@@ -28,111 +28,173 @@ logDir=/var/log/onap
componentName=sdnc
logDirectory=${logDir}/${componentName}
karafLogName=karaf
-errorLogName=error
-metricsLogName=metrics
auditLogName=audit
debugLogName=debug
+errorLogName=error
+metricsLogName=metric
+requestResponseLogName=request-response
+securityLogName=security
-
-# Root logger
log4j2.rootLogger.level = INFO
-# uncomment to use asynchronous loggers, which require mvn:com.lmax/disruptor/3.3.2 library
-#log4j2.rootLogger.type = asyncRoot
-#log4j2.rootLogger.includeLocation = false
-log4j2.rootLogger.appenderRef.RollingFile.ref = RollingFile
+log4j2.rootLogger.appenderRef.KarafFile.ref = KarafFile
log4j2.rootLogger.appenderRef.PaxOsgi.ref = PaxOsgi
log4j2.rootLogger.appenderRef.Console.ref = Console
+log4j2.rootLogger.appenderRef.DebugFile.ref = DebugFile
+log4j2.rootLogger.appenderRef.ErrorFile.ref = ErrorFile
log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter
log4j2.rootLogger.appenderRef.Console.filter.threshold.level = ${karaf.log.console:-OFF}
-# Loggers configuration
-
-# Spifly logger
-log4j2.logger.spifly.name = org.apache.aries.spifly
-log4j2.logger.spifly.level = WARN
-
-# Security audit logger
-log4j2.logger.audit.name = org.apache.karaf.jaas.modules.audit
-log4j2.logger.audit.level = INFO
-log4j2.logger.audit.additivity = false
-log4j2.logger.audit.appenderRef.AuditRollingFile.ref = AuditRollingFile
+log4j2.bundle.info = %X{bundle.id} - %.50X{bundle.name} - %X{bundle.version}
+# Veracode: Address Improper Output Neutralization for Logs CWE ID 117 flaw
+# \\R matches any new line character, any new line character will replaced with space (stripped)
+log4j2.pattern = %d{ISO8601} | %-5p | %-16t | %-32c{1} | ${log4j2.bundle.info} | %X{currentGraph} - %X{nodeId} | %replace{%m}{\\R}{ }%n
# Appenders configuration
-
# Console appender not used by default (see log4j2.rootLogger.appenderRefs)
log4j2.appender.console.type = Console
log4j2.appender.console.name = Console
log4j2.appender.console.layout.type = PatternLayout
log4j2.appender.console.layout.pattern = ${log4j2.pattern}
-# Rolling file appender
-log4j2.appender.rolling.type = RollingRandomAccessFile
-log4j2.appender.rolling.name = RollingFile
-log4j.appender.rolling.level = INFO
-log4j2.appender.rolling.fileName = ${logDirectory}/${karafLogName}.log
-log4j2.appender.rolling.filePattern = ${logDirectory}/${karafLogName}.log.%i
-# uncomment to not force a disk flush
-#log4j2.appender.rolling.immediateFlush = false
-log4j2.appender.rolling.append = true
-log4j2.appender.rolling.layout.type = PatternLayout
-log4j2.appender.rolling.layout.pattern = ${log4j2.pattern}
-log4j2.appender.rolling.policies.type = Policies
-log4j2.appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
-log4j2.appender.rolling.policies.size.size = ${maxFileSize}
-
-# Audit file appender - not currently used, so commented out
-log4j2.appender.audit.type = RollingRandomAccessFile
-log4j2.appender.audit.name = AuditRollingFile
-log4j2.appender.audit.fileName = ${logDirectory}/${auditLogName}.log
-log4j2.appender.audit.filePattern = ${logDirectory}/${auditLogName}.log.%i
-log4j2.appender.audit.append = true
-log4j2.appender.audit.layout.type = PatternLayout
-log4j2.appender.audit.layout.pattern = ${log4j2.pattern}
-log4j2.appender.audit.policies.type = Policies
-log4j2.appender.audit.policies.size.type = SizeBasedTriggeringPolicy
-log4j2.appender.audit.policies.size.size = ${maxFileSize}
-
# OSGi appender
log4j2.appender.osgi.type = PaxOsgi
log4j2.appender.osgi.name = PaxOsgi
log4j2.appender.osgi.filter = *
-
-#ECOMP Debug appender
+# KarafFile appender
+log4j2.appender.karaf.type = RollingRandomAccessFile
+log4j2.appender.karaf.name = KarafFile
+log4j2.appender.karaf.fileName = ${logDirectory}/${karafLogName}.log
+log4j2.appender.karaf.filePattern = ${logDirectory}/${karafLogName}.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.karaf.immediateFlush = false
+log4j2.appender.karaf.append = true
+log4j2.appender.karaf.layout.type = PatternLayout
+log4j2.appender.karaf.layout.pattern = ${log4j2.pattern}
+log4j2.appender.karaf.policies.type = Policies
+log4j2.appender.karaf.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.karaf.policies.size.size = ${maxFileSize}
+log4j2.appender.karaf.strategy.type = DefaultRolloverStrategy
+log4j2.appender.karaf.strategy.max = ${maxBackupIndex}
+log4j2.appender.karaf.strategy.fileIndex = min
+
+#ecomp logging standards
log4j2.appender.debug.type = RollingRandomAccessFile
-log4j2.appender.debug.name = DebugRollingFile
+log4j2.appender.debug.name = DebugFile
log4j2.appender.debug.fileName = ${logDirectory}/${debugLogName}.log
log4j2.appender.debug.filePattern = ${logDirectory}/${debugLogName}.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.debug.immediateFlush = false
log4j2.appender.debug.append = true
log4j2.appender.debug.layout.type = PatternLayout
-log4j2.appender.debug.layout.pattern = ${log4j2.pattern}
+log4j2.appender.debug.layout.pattern = %d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%-16.16t|%-5.5p|%-32.32c{1}|${log4j2.bundle.info}|%replace{%m}{\\R}{ }%n
log4j2.appender.debug.policies.type = Policies
log4j2.appender.debug.policies.size.type = SizeBasedTriggeringPolicy
log4j2.appender.debug.policies.size.size = ${maxFileSize}
+log4j2.appender.debug.strategy.type = DefaultRolloverStrategy
+log4j2.appender.debug.strategy.max = ${maxBackupIndex}
+log4j2.appender.debug.strategy.fileIndex = min
-
-#Error appender
log4j2.appender.error.type = RollingRandomAccessFile
-log4j2.appender.error.name = ErrorRollingFile
+log4j2.appender.error.name = ErrorFile
log4j2.appender.error.fileName = ${logDirectory}/${errorLogName}.log
log4j2.appender.error.filePattern = ${logDirectory}/${errorLogName}.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.error.immediateFlush = false
log4j2.appender.error.append = true
log4j2.appender.error.layout.type = PatternLayout
-log4j2.appender.error.layout.pattern = ${log4j2.pattern}
+log4j2.appender.error.layout.pattern = %d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%-16.16t|$\$\\\{ctx:ServiceName\}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%p|$\$\\\{ctx:ErrorCode\}|$\$\\\{ctx:ErrorDesc\}|%replace{%m}{\\R}{ }%ex{full}{separator(\\n)}%n
+
log4j2.appender.error.policies.type = Policies
log4j2.appender.error.policies.size.type = SizeBasedTriggeringPolicy
log4j2.appender.error.policies.size.size = ${maxFileSize}
+log4j2.appender.error.strategy.type = DefaultRolloverStrategy
+log4j2.appender.error.strategy.max = ${maxBackupIndex}
+log4j2.appender.error.strategy.fileIndex = min
+log4j2.appender.error.filter.threshold.type = ThresholdFilter
+log4j2.appender.error.filter.threshold.level = WARN
+log4j2.appender.error.filter.threshold.match = ACCEPT
+
+log4j2.appender.metric.type = RollingRandomAccessFile
+log4j2.appender.metric.name = MetricFile
+log4j2.appender.metric.fileName = ${logDirectory}/${metricsLogName}.log
+log4j2.appender.metric.filePattern = ${logDirectory}/${metricsLogName}.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.metric.immediateFlush = false
+log4j2.appender.metric.append = true
+log4j2.appender.metric.layout.type = PatternLayout
+log4j2.appender.metric.layout.pattern=%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%-16.16t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceID}|%p|%X{Severity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{ClientIPAddress}|%C{1}|||%X{TargetElement}|%X{slf4j.marker}|%X|%X{currentGraph} - %X{nodeId}|${log4j2.bundle.info}|%m%n
+log4j2.appender.metric.policies.type = Policies
+log4j2.appender.metric.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.metric.policies.size.size = ${maxFileSize}
+log4j2.appender.metric.strategy.type = DefaultRolloverStrategy
+log4j2.appender.metric.strategy.max = 100
+log4j2.appender.metric.strategy.fileIndex = min
-#Metrics appender - not used so commented out
-#log4j2.appender.metrics.type = RollingRandomAccessFile
-#log4j2.appender.metrics.name = MetricsRollingFile
-#log4j2.appender.metrics.fileName = ${logDirectory}/${metricsLogName}.log
-#log4j2.appender.metrics.filePattern = ${logDirectory}/${metricsLogName}.log.%i
-#log4j2.appender.metrics.append = true
-#log4j2.appender.metrics.layout.type = PatternLayout
-#log4j2.appender.metrics.layout.pattern = ${log4j2.pattern}
-#log4j2.appender.metrics.policies.type = Policies
-#log4j2.appender.metrics.policies.size.type = SizeBasedTriggeringPolicy
-#log4j2.appender.metrics.policies.size.size = ${maxFileSize}
+log4j2.appender.audit.type = RollingRandomAccessFile
+log4j2.appender.audit.name = AuditFile
+log4j2.appender.audit.fileName = ${logDirectory}/${auditLogName}.log
+log4j2.appender.audit.filePattern = ${logDirectory}/${auditLogName}.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.audit.immediateFlush = false
+log4j2.appender.audit.append = true
+log4j2.appender.audit.layout.type = PatternLayout
+log4j2.appender.audit.layout.pattern=%X{EntryTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%-16.16t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceID}|INFO|%X{Severity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{ClientIPAddress}|%C{1}|%X{AUDIT-Unused}|%X{AUDIT-ProcessKey}|%X{slf4j.marker}|%X|%X{currentGraph} - %X{nodeId}|${log4j2.bundle.info}|%m%n
+log4j2.appender.audit.policies.type = Policies
+log4j2.appender.audit.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.audit.policies.size.size = ${maxFileSize}
+log4j2.appender.audit.strategy.type = DefaultRolloverStrategy
+log4j2.appender.audit.strategy.max = ${maxBackupIndex}
+log4j2.appender.audit.strategy.fileIndex = min
+
+log4j2.appender.rr.name = RequestResponseFile
+log4j2.appender.rr.type = RollingRandomAccessFile
+log4j2.appender.rr.fileName = ${logDirectory}/${requestResponseLogName}.log
+log4j2.appender.rr.filePattern = ${logDirectory}/${requestResponseLogName}.log.%i
+log4j2.appender.rr.immediateFlush = false
+log4j2.appender.rr.append = true
+log4j2.appender.rr.layout.type = PatternLayout
+log4j2.appender.rr.layout.pattern = %d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%X{PartnerName}|%m%n
+log4j2.appender.rr.policies.type = Policies
+log4j2.appender.rr.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.rr.policies.size.size = 50MB
+log4j2.appender.rr.strategy.type = DefaultRolloverStrategy
+log4j2.appender.rr.strategy.max = 100
+log4j2.appender.rr.strategy.fileIndex = min
+
+log4j2.appender.security.type = RollingRandomAccessFile
+log4j2.appender.security.name = securityRollingFile
+log4j2.appender.security.fileName = ${logDirectory}/${securityLogName}.log
+log4j2.appender.security.filePattern = ${logDirectory}/${securityLogName}.log.%i
+log4j2.appender.security.append = true
+log4j2.appender.security.layout.type = PatternLayout
+log4j2.appender.security.layout.pattern = ${log4j2.pattern}
+log4j2.appender.security.policies.type = Policies
+log4j2.appender.security.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.security.policies.size.size = ${maxFileSize}
+# Security audit logger
+log4j2.logger.security.name = org.apache.karaf.jaas.modules.audit
+log4j2.logger.security.level = INFO
+log4j2.logger.security.additivity = false
+log4j2.logger.security.appenderRef.AuditRollingFile.ref = AuditRollingFile
+log4j2.logger.audit.name = org.onap.logging.filter.base.AbstractAuditLogFilter
+log4j2.logger.audit.level = INFO
+log4j2.logger.audit.additivity = false
+log4j2.logger.audit.appenderRef.AuditFile.ref = AuditFile
+
+log4j2.logger.metric.name = org.onap.ccsdk.sli.core.filters.metric
+log4j2.logger.metric.level = INFO
+log4j2.logger.metric.additivity = false
+log4j2.logger.metric.appenderRef.MetricFile.ref = MetricFile
+
+log4j2.logger.metric2.name = org.onap.logging.filter.base.AbstractBaseMetricLogFilter
+log4j2.logger.metric2.level = INFO
+log4j2.logger.metric2.additivity = false
+log4j2.logger.metric2.appenderRef.MetricFile.ref = MetricFile
+
+log4j2.logger.rr.name = org.onap.logging.filter.base.PayloadLoggingServletFilter
+log4j2.logger.rr.level = INFO
+log4j2.logger.rr.additivity = false
+log4j2.logger.rr.appenderRef.RequestResponseFile.ref = RequestResponseFile
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 6001fab2c1..f16f3b1925 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -112,7 +112,7 @@ secrets:
# application images
repository: nexus3.onap.org:10001
pullPolicy: Always
-image: onap/sdnc-image:1.8.3
+image: onap/sdnc-image:1.8.4
# flag to enable debugging - application support required
diff --git a/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks
index 9ebe9a8041..31ea6ba650 100644
--- a/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks
+++ b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks
Binary files differ
diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
index 1166eab0c4..4128bc36ee 100755
--- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
@@ -55,11 +55,11 @@ etsi-catalog-manager:
vnfpkgm:
{{- if .Values.global.msbEnabled }}
endpoint: https://msb-iag:443/api/vnfpkgm/v1
- http:
- client:
- ssl:
- trust-store: ${TRUSTSTORE}
- trust-store-password: ${TRUSTSTORE_PASSWORD}
+ http:
+ client:
+ ssl:
+ trust-store: ${TRUSTSTORE}
+ trust-store-password: ${TRUSTSTORE_PASSWORD}
{{- else }}
endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1
{{- end }}