diff options
99 files changed, 842 insertions, 556 deletions
diff --git a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties index 2d7cf7f98c..89a118b25d 100644 --- a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties +++ b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties @@ -62,4 +62,9 @@ ml.babel.KEYSTORE_FILE=aaf/local/{{ .Values.certInitializer.fqi_namespace }}.p12 ml.babel.KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD} ml.babel.TRUSTSTORE_FILE=aaf/local/{{ .Values.certInitializer.fqi_namespace }}.trust.jks ml.babel.TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD} +{{ else }} +ml.babel.KEYSTORE_FILE= +ml.babel.KEYSTORE_PASSWORD= +ml.babel.TRUSTSTORE_FILE= +ml.babel.TRUSTSTORE_PASSWORD= {{ end }} diff --git a/kubernetes/aai/components/aai-resources/resources/config/application.properties b/kubernetes/aai/components/aai-resources/resources/config/application.properties index 78a07f2a0f..7258b7bef8 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/application.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/application.properties @@ -104,3 +104,7 @@ schema.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Value schema.service.ssl.key-store-password=${KEYSTORE_PASSWORD} schema.service.ssl.trust-store-password=${TRUSTSTORE_PASSWORD} {{ end }} + +#to expose the Prometheus scraping endpoint +management.metrics.distribution.percentiles-histogram[http.server.requests]=true +management.metrics.distribution.sla[http.server.requests]=20ms, 30ms, 40ms, 50ms, 60ms, 70ms, 80ms, 90ms, 100ms, 500ms, 1000ms, 5000ms, 7000ms
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml index f5829a1dac..5ddd293658 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml +++ b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml @@ -26,18 +26,38 @@ */}}
<configuration>
<property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <appender name="ACCESS"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
+
+ <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>
+ <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
+ <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
+
+ <if condition='property("logToFileEnabled").contains("true")'>
+ <then>
+ <appender name="ACCESS"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}.zip
+ </fileNamePattern>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS"/>
+ </then>
+ </if>
+
+ <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>
</encoder>
</appender>
- <appender-ref ref="ACCESS" />
+
+ <appender-ref ref="STDOUTACCESS" />
+
</configuration>
{{/*
<!--
diff --git a/kubernetes/aai/components/aai-resources/resources/config/logback.xml b/kubernetes/aai/components/aai-resources/resources/config/logback.xml index 287b59f535..b52318500d 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/logback.xml +++ b/kubernetes/aai/components/aai-resources/resources/config/logback.xml @@ -29,6 +29,12 @@ <property resource="application.properties" /> + <property name="maxHistory" value='{{.Values.logback.maxHistory}}' /> + <property name="totalSizeCap" value='{{.Values.logback.totalSizeCap}}' /> + <property name="queueSize" value='{{.Values.logback.queueSize}}'/> + + <property name="logToFileEnabled" value='{{.Values.logback.logToFileEnabled}}'/> + <property name="namespace" value="aai-resources"/> <property name="AJSC_HOME" value="${AJSC_HOME:-.}" /> @@ -57,229 +63,285 @@ <property name="metricPattern" value="%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|${p_mak}|${p_mdc}|||%msg%n" /> <property name="transLogPattern" value="%X{LogTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{RequestID}|%X{ServiceInstanceID}|%-10t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%replace(%replace(%X{ResponseDesc}){'\\|', '!'}){'\r|\n', '^'}|%X{InstanceUUID}|%level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{clientIpAddress}||%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{PartnerName}:%m%n"/> <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" /> - <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" /> - <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" /> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern> - %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - </pattern> - </encoder> - </appender> + <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" /> + <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" /> - <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/sane.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - </pattern> - </encoder> - </appender> + <if condition='property("logToFileEnabled").contains("true")'> + <then> + <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/sane.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}.zip</fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + </pattern> + </encoder> + </appender> - <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="SANE" /> - </appender> - <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/metrics.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${metricPattern}</pattern> - </encoder> - </appender> + <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="SANE"/> + </appender> + <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/metrics.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}.zip</fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${metricPattern}</pattern> + </encoder> + </appender> - <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="METRIC"/> - </appender> + <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="METRIC"/> + </appender> - <appender name="DEBUG" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>DEBUG</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <file>${logDirectory}/rest/debug.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> + <appender name="DEBUG" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>DEBUG</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <file>${logDirectory}/rest/debug.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}.zip</fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> - <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <appender-ref ref="DEBUG" /> - <includeCallerData>true</includeCallerData> - </appender> - <appender name="ERROR" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/error.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}</fileNamePattern> - </rollingPolicy> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <encoder> - <pattern>${errorPattern}</pattern> - </encoder> - </appender> + <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="DEBUG"/> + <includeCallerData>true</includeCallerData> + </appender> + <appender name="ERROR" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/error.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}.zip</fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <encoder> + <pattern>${errorPattern}</pattern> + </encoder> + </appender> - <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <appender-ref ref="ERROR"/> - </appender> + <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="ERROR"/> + </appender> - <appender name="AUDIT" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/rest/audit.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${auditPattern}</pattern> - </encoder> - </appender> + <appender name="AUDIT" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/rest/audit.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}.zip + </fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${auditPattern}</pattern> + </encoder> + </appender> - <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="AUDIT" /> - </appender> + <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="AUDIT"/> + </appender> - <appender name="translog" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>DEBUG</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <file>${logDirectory}/rest/translog.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${transLogPattern}</pattern> - </encoder> - </appender> + <appender name="translog" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>DEBUG</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <file>${logDirectory}/rest/translog.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}.zip + </fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${transLogPattern}</pattern> + </encoder> + </appender> - <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="translog" /> - </appender> + <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="translog"/> + </appender> - <appender name="dmaapAAIEventConsumer" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${errorPattern}</pattern> - </encoder> + <appender name="dmaapAAIEventConsumer" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}.zip + </fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${errorPattern}</pattern> + </encoder> - </appender> + </appender> - <appender name="dmaapAAIEventConsumerDebug" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>DEBUG</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> - <appender name="dmaapAAIEventConsumerInfo" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>INFO</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${auditPattern}</pattern> - </encoder> - </appender> - <appender name="dmaapAAIEventConsumerMetric" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>INFO</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${metricPattern}</pattern> - </encoder> - </appender> - <appender name="external" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>WARN</level> - </filter> - <file>${logDirectory}/external/external.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>${debugPattern}</pattern> - </encoder> - </appender> - <appender name="auth" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>DEBUG</level> - </filter> - <file>${logDirectory}/auth/auth.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder> - <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern> + <appender name="dmaapAAIEventConsumerDebug" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>DEBUG</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}.zip + </fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> + <appender name="dmaapAAIEventConsumerInfo" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log.%d{yyyy-MM-dd}.zip + </fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${auditPattern}</pattern> + </encoder> + </appender> + <appender name="dmaapAAIEventConsumerMetric" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}.zip + </fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${metricPattern}</pattern> + </encoder> + </appender> + <appender name="external" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <file>${logDirectory}/external/external.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}.zip + </fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> + <appender name="auth" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>DEBUG</level> + </filter> + <file>${logDirectory}/auth/auth.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd}.zip + </fileNamePattern> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern> + </encoder> + </appender> + <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <includeCallerData>true</includeCallerData> + <appender-ref ref="auth"/> + </appender> + </then> + </if> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder class="net.logstash.logback.encoder.LoggingEventCompositeJsonEncoder"> + <providers> + <timestamp><fieldName>timestamp</fieldName></timestamp> + <message/> + <mdc> + <fieldName>context</fieldName> + <excludeMdcKeyName>ServerIPAddress</excludeMdcKeyName> + <excludeMdcKeyName>EntryTimestamp</excludeMdcKeyName> + <excludeMdcKeyName>InvokeTimestamp</excludeMdcKeyName> + <excludeMdcKeyName>ErrorCode</excludeMdcKeyName> + <excludeMdcKeyName>ErrorDesc</excludeMdcKeyName> + </mdc> + <stackTrace> + <fieldName>exception</fieldName> + <throwableConverter class="net.logstash.logback.stacktrace.ShortenedThrowableConverter"> + <exclude>^sun\.reflect\..*\.invoke</exclude> + <exclude>^net\.sf\.cglib\.proxy\.MethodProxy\.invoke</exclude> + <rootCauseFirst>true</rootCauseFirst> + </throwableConverter> + </stackTrace> + <threadName><fieldName>thread</fieldName></threadName> + <loggerName> + <fieldName>logger</fieldName> + <shortenedLoggerNameLength>36</shortenedLoggerNameLength> + </loggerName> + <logLevel/> + <pattern> + <pattern>{"logType":"app"}</pattern> + </pattern> + </providers> </encoder> </appender> - <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>1000</queueSize> - <includeCallerData>true</includeCallerData> - <appender-ref ref="auth" /> - </appender> + <!-- logback internals logging --> <logger name="ch.qos.logback.classic" level="WARN" /> @@ -302,45 +364,73 @@ <logger name="org.onap.aai" level="DEBUG" additivity="false"> - <appender-ref ref="asyncDEBUG" /> - <appender-ref ref="asyncSANE" /> - <appender-ref ref="STDOUT" /> + <if condition='property("logToFileEnabled").contains("true")'> + <then> + <appender-ref ref="asyncDEBUG"/> + <appender-ref ref="asyncSANE"/> + </then> + </if> + <appender-ref ref="STDOUT"/> </logger> <logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false"> - <appender-ref ref="asyncAUTH" /> - <appender-ref ref="STDOUT" /> - </logger> - <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO"> - <appender-ref ref="asyncAUDIT"/> - </logger> - <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO"> - <appender-ref ref="asyncAUDIT"/> - </logger> - <logger name="org.onap.aai.aailog.logs.AaiDBMetricLog" level="INFO"> - <appender-ref ref="asyncMETRIC"/> - </logger> - <logger name="org.onap.aai.aailog.logs.AaiDmaapMetricLog" level="INFO"> - <appender-ref ref="dmaapAAIEventConsumerMetric"/> - </logger> - <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN"> - <appender-ref ref="asyncERROR"/> + <if condition='property("logToFileEnabled").contains("true")'> + <then> + <appender-ref ref="asyncAUTH"/> + </then> + </if> + <appender-ref ref="STDOUT"/> </logger> + + <if condition='property("logToFileEnabled").contains("true")'> + <then> + <!-- These loggers are not additive and will be redirected to the parent logger. + Sending events to log is handled by parent loggers--> + <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO"> + <appender-ref ref="asyncAUDIT"/> + </logger> + <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO"> + <appender-ref ref="asyncAUDIT"/> + </logger> + <logger name="org.onap.aai.aailog.logs.AaiDBMetricLog" level="INFO"> + <appender-ref ref="asyncMETRIC"/> + </logger> + <logger name="org.onap.aai.aailog.logs.AaiDmaapMetricLog" level="INFO"> + <appender-ref ref="dmaapAAIEventConsumerMetric"/> + </logger> + <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN"> + <appender-ref ref="asyncERROR"/> + </logger> + <logger name="com.att.nsa.mr" level="INFO"> + <appender-ref ref="dmaapAAIEventConsumerInfo"/> + </logger> + </then> + </if> + <logger name="org.onap.aai.interceptors.post" level="DEBUG" additivity="false"> - <appender-ref ref="asynctranslog" /> - <appender-ref ref="STDOUT" /> + <if condition='property("logToFileEnabled").contains("true")'> + <then> + <appender-ref ref="asynctranslog"/> + </then> + </if> + <appender-ref ref="STDOUT"/> </logger> <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false"> - <appender-ref ref="dmaapAAIEventConsumer" /> - <appender-ref ref="dmaapAAIEventConsumerDebug" /> - </logger> - - <logger name="com.att.nsa.mr" level="INFO" > - <appender-ref ref="dmaapAAIEventConsumerInfo" /> + <if condition='property("logToFileEnabled").contains("true")'> + <then> + <appender-ref ref="dmaapAAIEventConsumer"/> + <appender-ref ref="dmaapAAIEventConsumerDebug"/> + </then> + </if> + <appender-ref ref="STDOUT"/> </logger> <root level="DEBUG"> - <appender-ref ref="external" /> - <appender-ref ref="STDOUT" /> + <if condition='property("logToFileEnabled").contains("true")'> + <then> + <appender-ref ref="external"/> + </then> + </if> + <appender-ref ref="STDOUT"/> </root> -</configuration> +</configuration>
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 79702511a5..ce055334c0 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -280,3 +280,15 @@ serviceAccount: log: path: /var/log/onap logConfigMapNamePrefix: '{{ include "common.fullname" . }}' + +# To make logback capping values configurable +logback: + logToFileEnabled: true + maxHistory: 7 + totalSizeCap: 1GB + queueSize: 1000 + +accessLogback: + logToFileEnabled: true + maxHistory: 7 + totalSizeCap: 1GB diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index 023bf4917b..7ed3e85555 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -108,7 +108,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-blueprintsprocessor:1.3.0 +image: onap/ccsdk-blueprintsprocessor:1.4.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml index e2511401f3..8f3c3fdc78 100755 --- a/kubernetes/cds/components/cds-command-executor/values.yaml +++ b/kubernetes/cds/components/cds-command-executor/values.yaml @@ -32,7 +32,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-commandexecutor:1.3.0 +image: onap/ccsdk-commandexecutor:1.4.0 pullPolicy: Always # application configuration diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml index a1eb0a0818..0c5900b31f 100755 --- a/kubernetes/cds/components/cds-py-executor/values.yaml +++ b/kubernetes/cds/components/cds-py-executor/values.yaml @@ -30,7 +30,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-py-executor:1.3.0 +image: onap/ccsdk-py-executor:1.4.0 pullPolicy: Always # default number of instances diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml index 1499ad5b04..d9de4305ae 100644 --- a/kubernetes/cds/components/cds-sdc-listener/values.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml @@ -29,7 +29,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-sdclistener:1.3.0 +image: onap/ccsdk-sdclistener:1.4.0 name: sdc-listener pullPolicy: Always diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml index aeac9901a3..9028608a3e 100644 --- a/kubernetes/common/cmpv2Config/values.yaml +++ b/kubernetes/common/cmpv2Config/values.yaml @@ -35,5 +35,5 @@ global: truststorePasswordSecretName: oom-cert-service-truststore-password truststorePasswordSecretKey: password certPostProcessor: - image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.6.0 diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index ddad8d7360..b295026ae9 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -69,7 +69,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-dgbuilder-image:1.3.4 +image: onap/ccsdk-dgbuilder-image:1.4.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index e5e2a7a338..bfa5637275 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -74,7 +74,7 @@ mariadb-init: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-apps-ms-neng:1.3.0 +image: onap/ccsdk-apps-ms-neng:1.4.0 pullPolicy: IfNotPresent # application configuration diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 10703eff6e..aa6159c2b2 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -40,7 +40,7 @@ global: postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 readinessImage: onap/oom/readiness:3.0.1 dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 - dbcClientImage: onap/dmaap/dbc-client:2.0.9 + dbcClientImage: onap/dmaap/dbc-client:2.0.10 quitQuitImage: onap/oom/readiness:4.1.0 # Default credentials diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 6c742c07de..0b076ad08b 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -173,7 +173,14 @@ The exact content of the Deployment generated from this template depends on the content of .Values. The Deployment always includes a single Pod, with a container that uses -the DCAE microservice image. +the DCAE microservice image. The image name and tag are specified by +.Values.image. By default, the image comes from the ONAP repository +(registry) set up by the common repositoryGenerator template. A different +repository for the microservice image can be set using +.Values.imageRepositoryOverride. Note that this repository must not +require authentication, because there is no way to specify credentials for +the override repository. imageRepositoryOverride is intended primarily +for testing purposes. The Deployment Pod may also include a logging sidecar container. The sidecar is included if .Values.log.path is set. The @@ -271,7 +278,7 @@ spec: {{- end }} {{ include "dcaegen2-services-common._certPostProcessor" . | nindent 4 }} containers: - - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + - image: {{ default ( include "repositoryGenerator.repository" . ) .Values.imageRepositoryOverride }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }} env: diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml index ecbfb72661..701fa4e67c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml @@ -51,7 +51,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.3.2 +image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.3.4 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -138,11 +138,7 @@ applicationConfig: dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.DCAE_RCC_OUTPUT type: message_router - #rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"${CONTROLLER_IP}:{CONTROLLER_PORT}","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' - # Workaround while DCAEGEN2-3234 is being resolved--hardcording the ${CONTROLLER_USERNAME} and ${CONTROLLER_PASSWORD} until the restconf-collector uses the latest CBS client SDK that can handle multiple substitutions in a string. - # The line immediately below this one should be used once DCAEGEN-3234 is resolved. - #rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' - rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"access","controller_restapiPassword":"Huawei@123","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' + rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' #applicationEnv: # CONTROLLER_IP: "172.30.0.55" diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml index 63844a1da2..ac23536e56 100644 --- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml @@ -41,7 +41,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.collectors.snmptrap:2.0.6 +image: onap/org.onap.dcaegen2.collectors.snmptrap:2.0.7 pullPolicy: Always # Log directory where logging sidecar should look for log files diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml index e8a9403a1c..a746829906 100644 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -62,7 +62,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.son-handler:2.1.7 +image: onap/org.onap.dcaegen2.services.son-handler:2.1.10 pullPolicy: Always # Log directory where logging sidecar should look for log files diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml index 4cd47dccb5..85ecb26b9a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml @@ -40,7 +40,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.2 +image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.4 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -154,7 +154,7 @@ applicationConfig: tca.aai.password: ${AAI_PASSWORD} tca.aai.url: https://aai:8443 tca.aai.username: ${AAI_USERNAME} - tca.policy: '{"domain":"measurementsForVfScaling","metricsPerEventName":[{"eventName":"vFirewallBroadcastPackets","controlLoopSchemaType":"VM","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":300,"direction":"LESS_OR_EQUAL","severity":"MAJOR","closedLoopEventStatus":"ONSET"},{"closedLoopControlName":"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":700,"direction":"GREATER_OR_EQUAL","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]},{"eventName":"vLoadBalancer","controlLoopSchemaType":"VM","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":300,"direction":"GREATER_OR_EQUAL","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]},{"eventName":"Measurement_vGMUX","controlLoopSchemaType":"VNF","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value","thresholdValue":0,"direction":"EQUAL","severity":"MAJOR","closedLoopEventStatus":"ABATED"},{"closedLoopControlName":"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value","thresholdValue":0,"direction":"GREATER","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]}]}' + tca.policy: "[{\"domain\":\"measurementsForVfScaling\",\"violatedMetricsPerEventName\":[{\"eventName\":\"Mfvs_eNodeB_RANKPI\",\"controlLoopSchemaType\":\"VNF\",\"policyScope\":\"resource=vFirewall;type=configuration\",\"policyName\":\"configuration.dcae.microservice.tca.xml\",\"policyVersion\":\"v0.0.1\",\"thresholds\":[{\"closedLoopControlName\":\"CL-FRWL-LOW-TRAFFIC-SIG-d925ed73-8231-4d02-9545-db4e101f88f8\",\"closedLoopEventStatus\":\"ONSET\",\"version\":\"1.0.2\",\"fieldPath\":\"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedBroadcastPacketsAccumulated\",\"thresholdValue\":4000,\"direction\":\"LESS_OR_EQUAL\",\"severity\":\"MAJOR\"},{\"closedLoopControlName\":\"CL-FRWL-HIGH-TRAFFIC-SIG-EA36FE84-9342-5E13-A656-EC5F21309A09\",\"closedLoopEventStatus\":\"ONSET\",\"version\":\"1.0.2\",\"fieldPath\":\"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedBroadcastPacketsAccumulated\",\"thresholdValue\":20000,\"direction\":\"GREATER_OR_EQUAL\",\"severity\":\"CRITICAL\"}]},{\"eventName\":\"vLoadBalancer\",\"controlLoopSchemaType\":\"VNF\",\"policyScope\":\"resource=vLoadBalancer;type=configuration\",\"policyName\":\"configuration.dcae.microservice.tca.xml\",\"policyVersion\":\"v0.0.1\",\"thresholds\":[{\"closedLoopControlName\":\"CL-LBAL-LOW-TRAFFIC-SIG-FB480F95-A453-6F24-B767-FD703241AB1A\",\"closedLoopEventStatus\":\"ONSET\",\"version\":\"1.0.2\",\"fieldPath\":\"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedBroadcastPacketsAccumulated\",\"thresholdValue\":500,\"direction\":\"LESS_OR_EQUAL\",\"severity\":\"MAJOR\"},{\"closedLoopControlName\":\"CL-LBAL-LOW-TRAFFIC-SIG-0C5920A6-B564-8035-C878-0E814352BC2B\",\"closedLoopEventStatus\":\"ONSET\",\"version\":\"1.0.2\",\"fieldPath\":\"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedBroadcastPacketsAccumulated\",\"thresholdValue\":5000,\"direction\":\"GREATER_OR_EQUAL\",\"severity\":\"CRITICAL\"}]}]},{\"domain\":\"measurement\",\"metricsPerEventName\":[{\"eventName\":\"vFirewallBroadcastPackets\",\"controlLoopSchemaType\":\"VM\",\"policyScope\":\"DCAE\",\"policyName\":\"DCAE.Config_tca-hi-lo\",\"policyVersion\":\"v0.0.1\",\"thresholds\":[{\"closedLoopControlName\":\"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\",\"version\":\"1.0.2\",\"fieldPath\":\"$.event.measurementFields.nicPerformanceArray[*].receivedTotalPacketsDelta\",\"thresholdValue\":300,\"direction\":\"LESS_OR_EQUAL\",\"severity\":\"MAJOR\",\"closedLoopEventStatus\":\"ABATED\"},{\"closedLoopControlName\":\"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\",\"version\":\"1.0.2\",\"fieldPath\":\"$.event.measurementFields.nicPerformanceArray[*].receivedTotalPacketsDelta\",\"thresholdValue\":700,\"direction\":\"GREATER_OR_EQUAL\",\"severity\":\"CRITICAL\",\"closedLoopEventStatus\":\"ONSET\"}]},{\"eventName\":\"vLoadBalancer\",\"controlLoopSchemaType\":\"VM\",\"policyScope\":\"DCAE\",\"policyName\":\"DCAE.Config_tca-hi-lo\",\"policyVersion\":\"v0.0.1\",\"thresholds\":[{\"closedLoopControlName\":\"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\",\"version\":\"1.0.2\",\"fieldPath\":\"$.event.measurementFields.nicPerformanceArray[*].receivedTotalPacketsDelta\",\"thresholdValue\":300,\"direction\":\"GREATER_OR_EQUAL\",\"severity\":\"CRITICAL\",\"closedLoopEventStatus\":\"ONSET\"}]},{\"eventName\":\"Measurement_vGMUX\",\"controlLoopSchemaType\":\"VNF\",\"policyScope\":\"DCAE\",\"policyName\":\"DCAE.Config_tca-hi-lo\",\"policyVersion\":\"v0.0.1\",\"thresholds\":[{\"closedLoopControlName\":\"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\",\"version\":\"1.0.2\",\"fieldPath\":\"$.event.measurementFields.additionalMeasurements[*].arrayOfFields[0].value\",\"thresholdValue\":0,\"direction\":\"EQUAL\",\"severity\":\"MAJOR\",\"closedLoopEventStatus\":\"ABATED\"},{\"closedLoopControlName\":\"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\",\"version\":\"1.0.2\",\"fieldPath\":\"$.event.measurementFields.additionalMeasurements[*].arrayOfFields[0].value\",\"thresholdValue\":0,\"direction\":\"GREATER\",\"severity\":\"CRITICAL\",\"closedLoopEventStatus\":\"ONSET\"}]}]}]" tca.processing_batch_size: 10000 tca.enable_abatement: true tca.enable_ecomp_logging: true diff --git a/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml index 61ccfdef79..12c0204b10 100644 --- a/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml @@ -31,7 +31,7 @@ config: onboardingAPIURL: http://dcaemod-onboarding-api:8080/onboarding # application image -image: onap/org.onap.dcaegen2.platform.mod.distributorapi:1.1.0 +image: onap/org.onap.dcaegen2.platform.mod.distributorapi:1.1.1 service: type: ClusterIP diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index bc8325a6dd..538820dea4 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -40,7 +40,7 @@ secrets: pullPolicy: Always # application images -image: onap/dmaap/dmaap-bc:2.0.8 +image: onap/dmaap/dmaap-bc:2.0.10 # application configuration diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index d1d2c54833..3382068f9d 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -44,7 +44,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.10 +image: onap/dmaap/datarouter-node:2.1.11 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 12eb1fb041..4a68f674f1 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -42,7 +42,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.10 +image: onap/dmaap/datarouter-prov:2.1.11 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index d2ee8356d7..3acea02bff 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -131,6 +131,7 @@ msgRtr.namespace.aaf=org.onap.dmaap.mr.topic msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: enforced.topic.name.AAF=org.onap.dmaap.mr forceAAF=false +useCustomAcls=false transidUEBtopicreqd=false defaultNSforUEB=org.onap.dmaap.mr ############################################################################## diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index 174eb2c3a9..0fba655a69 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -69,6 +69,7 @@ spec: {{- end }} - name: srimzi-zk-entrance image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.zookeeper.entrance.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - /opt/stunnel/stunnel_run.sh ports: @@ -80,7 +81,6 @@ spec: value: debug - name: STRIMZI_ZOOKEEPER_CONNECT value: '{{ include "common.release" . }}-strimzi-zookeeper-client:{{ .Values.global.zkTunnelService.internalPort }}' - imagePullPolicy: Always livenessProbe: exec: command: @@ -153,6 +153,8 @@ spec: value: {{ .Values.global.saslMechanism }} - name: enableCadi value: "{{ .Values.global.aafEnabled }}" + - name: useZkTopicStore + value: "false" volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 11daae0de8..63c62ca48c 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -68,7 +68,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/dmaap-mr:1.3.2 +image: onap/dmaap/dmaap-mr:1.4.3 pullPolicy: Always zookeeper: diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index d34efae312..cf65674ffd 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -20,13 +20,7 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 - readinessImage: onap/oom/readiness:3.0.1 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - clientImage: onap/dmaap/dbc-client:1.0.9 - repository: nexus3.onap.org:10001 - busyBoxImage: busybox:1.30 - busyBoxRepository: docker.io + clientImage: onap/dmaap/dbc-client:2.0.10 #Global DMaaP app config allow_http: false @@ -42,9 +36,6 @@ global: #AAF global config overrides aafEnabled: true - aafAgentImage: onap/aaf/aaf_agent:2.1.20 - aafAppNs: org.osaaf.aaf - aafLocatorContainer: oom #Strimzi config kafkaBootstrap: strimzi-kafka-bootstrap diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/application.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/application.yaml new file mode 100644 index 0000000000..f818dfd3b0 --- /dev/null +++ b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/application.yaml @@ -0,0 +1,23 @@ +server: + port: 9102 + servlet: + context-path: /api/holmes-engine-mgmt/v1 + ssl: + key-store: /opt/onap/conf/holmes.keystore + key-store-password: holmes + #PKCS12 + key-store-type: JKS + +logging: + config: classpath:logback-spring.xml + +spring: + application: + name: Holmes Engine Management + datasource: + dirver-class-name: org.postgresql.Driver + url: jdbc:postgresql://${URL_JDBC}:${DB_PORT}/${DB_NAME} + username: ${JDBC_USERNAME} + password: ${JDBC_PASSWORD} + mvc: + throw-exception-if-no-handler-found: true
\ No newline at end of file diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml index 50df26f946..ce3035e5da 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml @@ -28,7 +28,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/engine-management:10.0.5 +image: onap/holmes/engine-management:11.0.0 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/application.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/application.yaml new file mode 100644 index 0000000000..18cf3b4966 --- /dev/null +++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/application.yaml @@ -0,0 +1,23 @@ +server: + port: 9101 + servlet: + context-path: /api/holmes-rule-mgmt/v1 + ssl: + key-store: /opt/onap/conf/holmes.keystore + key-store-password: holmes + #PKCS12 + key-store-type: JKS + +logging: + config: classpath:logback-spring.xml + +spring: + application: + name: Holmes Rule Management + datasource: + dirver-class-name: org.postgresql.Driver + url: jdbc:postgresql://${URL_JDBC}:${DB_PORT}/${DB_NAME} + username: ${JDBC_USERNAME} + password: ${JDBC_PASSWORD} + mvc: + throw-exception-if-no-handler-found: true
\ No newline at end of file diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl index 494333c2a8..814aeedf03 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl +++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/rules/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b.drl @@ -4,7 +4,7 @@ import org.onap.holmes.common.dmaap.DmaapService; import org.onap.holmes.common.api.stat.VesAlarm; import org.onap.holmes.common.aai.CorrelationUtil; import org.onap.holmes.common.dmaap.entity.PolicyMsg; -import org.onap.holmes.common.dropwizard.ioc.utils.ServiceLocatorHolder; +import org.onap.holmes.common.utils.SpringContextUtil; import org.onap.holmes.common.utils.DroolsLog; rule "Relation_analysis_Rule" @@ -20,7 +20,7 @@ no-loop true $child : VesAlarm( eventId != $eventId, parentId == null, CorrelationUtil.getInstance().isTopologicallyRelated(sourceId, $sourceId, $sourceName), eventName in ("Fault_MME_eNodeB out of service alarm"), - startEpochMicrosec < $startEpochMicrosec + 60000 && startEpochMicrosec > $startEpochMicrosec - 60000 ) + startEpochMicrosec < $startEpochMicrosec + 60000 && startEpochMicrosec > $startEpochMicrosec - 60000) then DroolsLog.printInfo("==========================================================="); DroolsLog.printInfo("Relation_analysis_Rule: rootId=" + $root.getEventId() + ", childId=" + $child.getEventId()); @@ -37,7 +37,7 @@ no-loop true then DroolsLog.printInfo("==========================================================="); DroolsLog.printInfo("root_has_child_handle_Rule: rootId=" + $root.getEventId() + ", childId=" + $child.getEventId()); - DmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class); + DmaapService dmaapService = SpringContextUtil.getBean(DmaapService.class); PolicyMsg policyMsg = dmaapService.getPolicyMsg($root, $child, "org.onap.holmes.droolsRule"); dmaapService.publishPolicyMsg(policyMsg, "dcae_cl_out"); $root.setRootFlag(1); @@ -55,7 +55,7 @@ no-loop true then DroolsLog.printInfo("==========================================================="); DroolsLog.printInfo("root_no_child_handle_Rule: rootId=" + $root.getEventId()); - DmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class); + DmaapService dmaapService = SpringContextUtil.getBean(DmaapService.class); PolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, "org.onap.holmes.droolsRule"); dmaapService.publishPolicyMsg(policyMsg, "dcae_cl_out"); $root.setRootFlag(1); @@ -70,7 +70,7 @@ no-loop true then DroolsLog.printInfo("==========================================================="); DroolsLog.printInfo("root_cleared_handle_Rule: rootId=" + $root.getEventId()); - DmaapService dmaapService = ServiceLocatorHolder.getLocator().getService(DmaapService.class); + DmaapService dmaapService = SpringContextUtil.getBean(DmaapService.class); PolicyMsg policyMsg = dmaapService.getPolicyMsg($root, null, "org.onap.holmes.droolsRule"); dmaapService.publishPolicyMsg(policyMsg, "dcae_cl_out"); retract($root); @@ -85,4 +85,4 @@ no-loop true DroolsLog.printInfo("==========================================================="); DroolsLog.printInfo("child_handle_Rule: childId=" + $child.getEventId()); retract($child); -end +end
\ No newline at end of file diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml index 84c2108521..bd84c249c9 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml @@ -28,7 +28,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/rule-management:10.0.5 +image: onap/holmes/rule-management:11.0.0 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/msb/components/msb-eag/templates/deployment.yaml b/kubernetes/msb/components/msb-eag/templates/deployment.yaml index db24152026..c6cf2d150d 100644 --- a/kubernetes/msb/components/msb-eag/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-eag/templates/deployment.yaml @@ -16,26 +16,12 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ .Values.replicaCount }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - annotations: - sidecar.istio.io/inject: "{{.Values.istioSidecar}}" + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} @@ -57,23 +43,19 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - - containerPort: {{ .Values.service.internalPortHttps }} - name: {{ .Values.service.name }}-https + ports: {{- include "common.containerPorts" . | indent 10 }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -90,9 +72,11 @@ spec: readOnly: true - mountPath: /usr/local/apiroute-works/logs name: {{ include "common.fullname" . }}-logs + {{- if (include "common.needTLS" .) }} - mountPath: /usr/local/openresty/nginx/msb-enabled/msbhttps.conf name: {{ include "common.fullname" . }}-nginx-conf subPath: msbhttps.conf + {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -111,9 +95,11 @@ spec: - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log + {{- if (include "common.needTLS" .) }} - name: {{ include "common.fullname" . }}-nginx-conf configMap: name: {{ include "common.fullname" . }}-nginx + {{- end }} {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix . )) | nindent 8 }} - name: {{ include "common.fullname" . }}-logs emptyDir: {} diff --git a/kubernetes/msb/components/msb-eag/templates/service.yaml b/kubernetes/msb/components/msb-eag/templates/service.yaml index e8e3a8a947..eeeafc15fc 100644 --- a/kubernetes/msb/components/msb-eag/templates/service.yaml +++ b/kubernetes/msb/components/msb-eag/templates/service.yaml @@ -13,32 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPortHttps }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }} - name: https-{{ .Values.service.name }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: http-{{ .Values.service.name }} - - port: {{ .Values.service.externalPortHttps }} - targetPort: {{ .Values.service.internalPortHttps }} - name: https-{{ .Values.service.name }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml index dcd4aed13f..45f93ed63d 100644 --- a/kubernetes/msb/components/msb-eag/values.yaml +++ b/kubernetes/msb/components/msb-eag/values.yaml @@ -82,11 +82,17 @@ readiness: service: type: NodePort name: msb-eag - externalPort: 80 - internalPort: 80 - externalPortHttps: 443 - internalPortHttps: 443 - nodePortHttps: 84 + both_tls_and_plain: true + # for liveness and readiness probe only + # internalPort: + internalPort: 443 + internalPlainPort: 80 + ports: + - name: msb-eag + port: 443 + plain_port: 80 + port_protocol: http + nodePort: '84' ingress: enabled: false diff --git a/kubernetes/msb/components/msb-iag/templates/deployment.yaml b/kubernetes/msb/components/msb-iag/templates/deployment.yaml index db24152026..c6cf2d150d 100644 --- a/kubernetes/msb/components/msb-iag/templates/deployment.yaml +++ b/kubernetes/msb/components/msb-iag/templates/deployment.yaml @@ -16,26 +16,12 @@ */}} apiVersion: apps/v1 kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - selector: - matchLabels: - app: {{ include "common.name" . }} + selector: {{- include "common.selectors" . | nindent 4 }} replicas: {{ .Values.replicaCount }} template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - annotations: - sidecar.istio.io/inject: "{{.Values.istioSidecar}}" + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} @@ -57,23 +43,19 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - - containerPort: {{ .Values.service.internalPortHttps }} - name: {{ .Values.service.name }}-https + ports: {{- include "common.containerPorts" . | indent 10 }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -90,9 +72,11 @@ spec: readOnly: true - mountPath: /usr/local/apiroute-works/logs name: {{ include "common.fullname" . }}-logs + {{- if (include "common.needTLS" .) }} - mountPath: /usr/local/openresty/nginx/msb-enabled/msbhttps.conf name: {{ include "common.fullname" . }}-nginx-conf subPath: msbhttps.conf + {{- end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -111,9 +95,11 @@ spec: - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log + {{- if (include "common.needTLS" .) }} - name: {{ include "common.fullname" . }}-nginx-conf configMap: name: {{ include "common.fullname" . }}-nginx + {{- end }} {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix . )) | nindent 8 }} - name: {{ include "common.fullname" . }}-logs emptyDir: {} diff --git a/kubernetes/msb/components/msb-iag/templates/service.yaml b/kubernetes/msb/components/msb-iag/templates/service.yaml index e8e3a8a947..eeeafc15fc 100644 --- a/kubernetes/msb/components/msb-iag/templates/service.yaml +++ b/kubernetes/msb/components/msb-iag/templates/service.yaml @@ -13,32 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPortHttps }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }} - name: https-{{ .Values.service.name }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: http-{{ .Values.service.name }} - - port: {{ .Values.service.externalPortHttps }} - targetPort: {{ .Values.service.internalPortHttps }} - name: https-{{ .Values.service.name }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} +{{ include "common.service" . }}
\ No newline at end of file diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml index bbf4d83f9d..602177b479 100644 --- a/kubernetes/msb/components/msb-iag/values.yaml +++ b/kubernetes/msb/components/msb-iag/values.yaml @@ -82,12 +82,17 @@ readiness: service: type: NodePort name: msb-iag - externalPort: 80 - internalPort: 80 - nodePort: 80 - externalPortHttps: 443 - internalPortHttps: 443 - nodePortHttps: 83 + both_tls_and_plain: true + # for liveness and readiness probe only + # internalPort: + internalPort: 443 + internalPlainPort: 80 + ports: + - name: msb-iag + port: 443 + plain_port: 80 + port_protocol: http + nodePort: '83' ingress: enabled: false diff --git a/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml index f71255bc5f..2750f5f145 100644 --- a/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml @@ -41,15 +41,15 @@ spec: containers: - env: - name: MSB_PROTO - value: {{ .Values.config.msbprotocol }} + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}" - name: MSB_ADDR value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" - name: MSB_PORT - value: "{{ .Values.config.msbPort }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}" - name: AAI_ADDR - value: aai.{{ include "common.namespace" . }} + value: "aai.{{ include "common.namespace" . }}" - name: AAI_PORT - value: "{{ .Values.config.aai.port }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}" - name: AAI_SCHEMA_VERSION value: "{{ .Values.config.aai.schemaVersion }}" - name: AAI_USERNAME @@ -57,7 +57,7 @@ spec: - name: AAI_PASSWORD value: "{{ .Values.config.aai.password }}" - name: SSL_ENABLED - value: "{{ .Values.config.ssl_enabled }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}" name: {{ include "common.name" . }} volumeMounts: - mountPath: "{{ .Values.log.path }}" @@ -78,7 +78,7 @@ spec: httpGet: path: /api/multicloud-fcaps/v1/healthcheck port: {{ .Values.service.internalPort }} - scheme: HTTPS + scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} diff --git a/kubernetes/multicloud/components/multicloud-fcaps/templates/service.yaml b/kubernetes/multicloud/components/multicloud-fcaps/templates/service.yaml index fabe32e0ff..e73a942172 100644 --- a/kubernetes/multicloud/components/multicloud-fcaps/templates/service.yaml +++ b/kubernetes/multicloud/components/multicloud-fcaps/templates/service.yaml @@ -32,7 +32,7 @@ metadata: "url": "/api/multicloud-fcaps/v0", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", - "enable_ssl": {{ .Values.config.ssl_enabled }}, + "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}, "visualRange": "1" }, { @@ -41,7 +41,7 @@ metadata: "url": "/api/multicloud-fcaps/v1", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", - "enable_ssl": {{ .Values.config.ssl_enabled }}, + "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}, "visualRange": "1" } ]' diff --git a/kubernetes/multicloud/components/multicloud-fcaps/values.yaml b/kubernetes/multicloud/components/multicloud-fcaps/values.yaml index 21be9d38cb..b9e90af1ef 100644 --- a/kubernetes/multicloud/components/multicloud-fcaps/values.yaml +++ b/kubernetes/multicloud/components/multicloud-fcaps/values.yaml @@ -26,16 +26,17 @@ image: onap/multicloud/openstack-fcaps:1.5.7 pullPolicy: Always #Istio sidecar injection policy -istioSidecar: false +istioSidecar: true # application configuration config: ssl_enabled: true - msbprotocol: https msbgateway: msb-iag msbPort: 443 + msbPlainPort: 80 aai: - port: 8443 + aaiPort: 8443 + aaiPlainPort: 8080 schemaVersion: v13 username: AAI password: AAI @@ -59,7 +60,7 @@ liveness: service: type: ClusterIP name: multicloud-fcaps - portName: multicloud-fcaps + portName: http externalPort: 9011 internalPort: 9011 nodePort: 87 diff --git a/kubernetes/multicloud/components/multicloud-k8s/resources/config/config.json b/kubernetes/multicloud/components/multicloud-k8s/resources/config/config.json index 2ce2d8564b..cf818798d4 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/resources/config/config.json +++ b/kubernetes/multicloud/components/multicloud-k8s/resources/config/config.json @@ -5,7 +5,7 @@ "port":9014, "userName":"healthcheck", "password":"zb!XztG34", - "https":true + "https":{{ (eq "true" (include "common.needTLS" .)) | ternary true false }} }, "receptionHandlerParameters":{ "SDCReceptionHandler":{ @@ -27,7 +27,7 @@ "sdcConfiguration":{ "parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup", "parameters":{ - "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:8443", + "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }}", "messageBusAddress": [ "message-router.{{ include "common.namespace" . }}" ], @@ -54,7 +54,12 @@ "keystorePassword": "null", "activeserverTlsAuth": false, "isFilterinEmptyResources": true, - "isUseHttpsWithDmaap": false + "isUseHttpsWithDmaap": false, + "isUseHttpsWithSDC": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}, + "httpsproxyHost": "null", + "httpproxyHost": "null", + "httpsproxyPort": 8181, + "httpproxyPort": 8080 } } }, @@ -62,7 +67,7 @@ "k8sConfiguration":{ "parameterClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarderParameterGroup", "parameters":{ - "useHttps": true, + "useHttps": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}, "hostname": "pdp", "port": 8081, "userName": "testpdp", diff --git a/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml index e63be9c81c..c9912ffd17 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml @@ -73,6 +73,7 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.artifactImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: framework-artifactbroker command: ["/opt/app/distribution/bin/artifact-dist.sh"] args: ["/opt/app/distribution/etc/mounted/config.json"] diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml index b152af282e..36cb701a9b 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml @@ -18,7 +18,7 @@ global: nodePortPrefixExt: 304 persistence: {} - artifactImage: onap/multicloud/framework-artifactbroker:1.7.3 + artifactImage: onap/multicloud/framework-artifactbroker:1.8.1 ################################################################# # Application configuration defaults. @@ -54,7 +54,7 @@ readiness: service: type: ClusterIP name: multicloud-k8s - portName: multicloud-k8s + portName: http internalPort: 9015 externalPort: 9015 nodePort: 98 diff --git a/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml index a802cb1466..3174dae242 100644 --- a/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml @@ -41,15 +41,15 @@ spec: containers: - env: - name: MSB_PROTO - value: {{ .Values.config.msbprotocol }} + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}" - name: MSB_ADDR value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" - name: MSB_PORT - value: "{{ .Values.config.msbPort }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}" - name: AAI_ADDR - value: aai.{{ include "common.namespace" . }} + value: "aai.{{ include "common.namespace" . }}" - name: AAI_PORT - value: "{{ .Values.config.aai.port }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}" - name: AAI_SCHEMA_VERSION value: "{{ .Values.config.aai.schemaVersion }}" - name: AAI_USERNAME @@ -57,7 +57,7 @@ spec: - name: AAI_PASSWORD value: "{{ .Values.config.aai.password }}" - name: SSL_ENABLED - value: "{{ .Values.config.ssl_enabled }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}" name: {{ include "common.name" . }} volumeMounts: - mountPath: "{{ .Values.log.path }}" diff --git a/kubernetes/multicloud/components/multicloud-pike/values.yaml b/kubernetes/multicloud/components/multicloud-pike/values.yaml index 7b606a5492..4ed7a64ecb 100644 --- a/kubernetes/multicloud/components/multicloud-pike/values.yaml +++ b/kubernetes/multicloud/components/multicloud-pike/values.yaml @@ -31,11 +31,12 @@ istioSidecar: true # application configuration config: ssl_enabled: false - msbprotocol: https msbgateway: msb-iag msbPort: 443 + msbPlainPort: 80 aai: - port: 8443 + aaiPort: 8443 + aaiPlainPort: 8080 schemaVersion: v13 username: AAI password: AAI @@ -59,7 +60,7 @@ liveness: service: type: ClusterIP name: multicloud-pike - portName: multicloud-pike + portName: http externalPort: 9007 internalPort: 9007 nodePort: 96 diff --git a/kubernetes/multicloud/components/multicloud-prometheus/values.yaml b/kubernetes/multicloud/components/multicloud-prometheus/values.yaml index 757041ce43..78373c88f2 100644 --- a/kubernetes/multicloud/components/multicloud-prometheus/values.yaml +++ b/kubernetes/multicloud/components/multicloud-prometheus/values.yaml @@ -53,7 +53,7 @@ persistence: service: type: ClusterIP name: multicloud-prometheus - portName: multicloud-prometheus + portName: http internalPort: 9090 externalPort: 9090 diff --git a/kubernetes/multicloud/components/multicloud-starlingx/resources/config/log/config.json b/kubernetes/multicloud/components/multicloud-starlingx/resources/config/log/config.json index da0727c3a7..ebc53849d6 100644 --- a/kubernetes/multicloud/components/multicloud-starlingx/resources/config/log/config.json +++ b/kubernetes/multicloud/components/multicloud-starlingx/resources/config/log/config.json @@ -5,7 +5,7 @@ "port":9014, "userName":"healthcheck", "password":"zb!XztG34", - "https":true + "https":{{ (eq "true" (include "common.needTLS" .)) | ternary true false }} }, "receptionHandlerParameters":{ "SDCReceptionHandler":{ @@ -27,7 +27,7 @@ "sdcConfiguration":{ "parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup", "parameters":{ - "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:8443", + "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }}", "messageBusAddress": [ "message-router.{{ include "common.namespace" . }}" ], @@ -53,7 +53,12 @@ "keystorePassword": "null", "activeserverTlsAuth": false, "isFilterinEmptyResources": true, - "isUseHttpsWithDmaap": false + "isUseHttpsWithDmaap": false, + "isUseHttpsWithSDC": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}, + "httpsproxyHost": "null", + "httpproxyHost": "null", + "httpsproxyPort": 8181, + "httpproxyPort": 8080 } } }, diff --git a/kubernetes/multicloud/components/multicloud-starlingx/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-starlingx/templates/deployment.yaml index 2524cd8421..7f178063b5 100644 --- a/kubernetes/multicloud/components/multicloud-starlingx/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-starlingx/templates/deployment.yaml @@ -41,15 +41,15 @@ spec: containers: - env: - name: MSB_PROTO - value: {{ .Values.config.msbprotocol }} + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}" - name: MSB_ADDR value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" - name: MSB_PORT - value: "{{ .Values.config.msbPort }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}" - name: AAI_ADDR - value: aai.{{ include "common.namespace" . }} + value: "aai.{{ include "common.namespace" . }}" - name: AAI_PORT - value: "{{ .Values.config.aai.port }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}" - name: AAI_SCHEMA_VERSION value: "{{ .Values.config.aai.schemaVersion }}" - name: AAI_USERNAME @@ -57,7 +57,7 @@ spec: - name: AAI_PASSWORD value: "{{ .Values.config.aai.password }}" - name: SSL_ENABLED - value: "{{ .Values.config.ssl_enabled }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}" name: {{ include "common.name" . }} volumeMounts: - mountPath: "{{ .Values.log.path }}" @@ -79,7 +79,7 @@ spec: httpGet: path: /api/multicloud-starlingx/v0/swagger.json port: {{ .Values.service.internalPort }} - scheme: HTTPS + scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} diff --git a/kubernetes/multicloud/components/multicloud-starlingx/templates/service.yaml b/kubernetes/multicloud/components/multicloud-starlingx/templates/service.yaml index cf67f106ee..5c30c26296 100644 --- a/kubernetes/multicloud/components/multicloud-starlingx/templates/service.yaml +++ b/kubernetes/multicloud/components/multicloud-starlingx/templates/service.yaml @@ -32,7 +32,7 @@ metadata: "url": "/api/multicloud-starlingx/v0", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", - "enable_ssl": {{ .Values.config.ssl_enabled }}, + "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}, "visualRange": "1" }, { @@ -41,7 +41,7 @@ metadata: "url": "/api/multicloud-starlingx/v1", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", - "enable_ssl": {{ .Values.config.ssl_enabled }}, + "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}, "visualRange": "1" } ]' diff --git a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml index e59f34a8bc..1232c3b79a 100644 --- a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml +++ b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml @@ -17,7 +17,7 @@ ################################################################# global: nodePortPrefixExt: 304 - artifactImage: onap/multicloud/framework-artifactbroker:1.7.3 + artifactImage: onap/multicloud/framework-artifactbroker:1.8.1 ################################################################# # Application configuration defaults. @@ -33,11 +33,12 @@ istioSidecar: false # application configuration config: ssl_enabled: true - msbprotocol: https msbgateway: msb-iag msbPort: 443 + msbPlainPort: 80 aai: - port: 8443 + aaiPort: 8443 + aaiPlainPort: 8080 schemaVersion: v13 username: AAI password: AAI diff --git a/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml index 1d27d6eb33..c5c368c8b5 100644 --- a/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml @@ -41,14 +41,16 @@ spec: spec: containers: - env: + - name: MSB_PROTO + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}" - name: MSB_ADDR - value: "{{ .Values.config.msbgateway }}" + value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" - name: MSB_PORT - value: "{{ .Values.config.msbPort }}.{{ include "common.namespace" . }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}" - name: AAI_ADDR - value: aai.{{ include "common.namespace" . }} + value: "aai.{{ include "common.namespace" . }}" - name: AAI_PORT - value: "{{ .Values.config.aai.port }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}" - name: AAI_SCHEMA_VERSION value: "{{ .Values.config.aai.schemaVersion }}" - name: AAI_USERNAME diff --git a/kubernetes/multicloud/components/multicloud-vio/values.yaml b/kubernetes/multicloud/components/multicloud-vio/values.yaml index 17643baffe..3b852df885 100644 --- a/kubernetes/multicloud/components/multicloud-vio/values.yaml +++ b/kubernetes/multicloud/components/multicloud-vio/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/multicloud/vio:1.4.1 +image: onap/multicloud/vio:1.4.2 pullPolicy: Always #Istio sidecar injection policy @@ -32,9 +32,11 @@ istioSidecar: true # application configuration config: msbgateway: msb-iag - msbPort: 80 + msbPort: 443 + msbPlainPort: 80 aai: - port: 8443 + aaiPort: 8443 + aaiPlainPort: 8080 schemaVersion: v13 username: AAI password: AAI @@ -58,7 +60,7 @@ liveness: service: type: ClusterIP name: multicloud-vio - portName: multicloud-vio + portName: http externalPort: 9004 internalPort: 9004 nodePort: 92 diff --git a/kubernetes/multicloud/components/multicloud-windriver/resources/config/log/config.json b/kubernetes/multicloud/components/multicloud-windriver/resources/config/log/config.json index 655076a901..e34637666f 100644 --- a/kubernetes/multicloud/components/multicloud-windriver/resources/config/log/config.json +++ b/kubernetes/multicloud/components/multicloud-windriver/resources/config/log/config.json @@ -5,7 +5,7 @@ "port":9014, "userName":"healthcheck", "password":"zb!XztG34", - "https":true + "https":{{ (eq "true" (include "common.needTLS" .)) | ternary true false }} }, "receptionHandlerParameters":{ "SDCReceptionHandler":{ @@ -27,7 +27,7 @@ "sdcConfiguration":{ "parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup", "parameters":{ - "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:8443", + "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }}", "messageBusAddress": [ "message-router.{{ include "common.namespace" . }}" ], @@ -53,7 +53,12 @@ "keystorePassword": "null", "activeserverTlsAuth": false, "isFilterinEmptyResources": true, - "isUseHttpsWithDmaap": false + "isUseHttpsWithDmaap": false, + "isUseHttpsWithSDC": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}, + "httpsproxyHost": "null", + "httpproxyHost": "null", + "httpsproxyPort": 8181, + "httpproxyPort": 8080 } } }, diff --git a/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml index 7656632737..8eadcf689d 100644 --- a/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml +++ b/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml @@ -50,15 +50,15 @@ spec: containers: - env: - name: MSB_PROTO - value: {{ .Values.config.msbprotocol }} + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}" - name: MSB_ADDR value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" - name: MSB_PORT - value: "{{ .Values.config.msbPort }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}" - name: AAI_ADDR - value: aai.{{ include "common.namespace" . }} + value: "aai.{{ include "common.namespace" . }}" - name: AAI_PORT - value: "{{ .Values.config.aai.port }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}" - name: AAI_SCHEMA_VERSION value: "{{ .Values.config.aai.schemaVersion }}" - name: AAI_USERNAME @@ -66,7 +66,7 @@ spec: - name: AAI_PASSWORD value: "{{ .Values.config.aai.password }}" - name: SSL_ENABLED - value: "{{ .Values.config.ssl_enabled }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}" name: {{ include "common.name" . }} volumeMounts: - mountPath: "{{ .Values.log.path }}" @@ -88,7 +88,7 @@ spec: httpGet: path: /api/multicloud-titaniumcloud/v1/swagger.json port: {{ .Values.service.internalPort }} - scheme: HTTPS + scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} diff --git a/kubernetes/multicloud/components/multicloud-windriver/templates/service.yaml b/kubernetes/multicloud/components/multicloud-windriver/templates/service.yaml index 5a555b3222..f71306740f 100644 --- a/kubernetes/multicloud/components/multicloud-windriver/templates/service.yaml +++ b/kubernetes/multicloud/components/multicloud-windriver/templates/service.yaml @@ -33,7 +33,7 @@ metadata: "url": "/api/multicloud-titanium_cloud/v0", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", - "enable_ssl": {{ .Values.config.ssl_enabled }}, + "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}, "visualRange": "1" }, { @@ -42,7 +42,7 @@ metadata: "url": "/api/multicloud-titaniumcloud/v0", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", - "enable_ssl": {{ .Values.config.ssl_enabled }}, + "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}, "visualRange": "1" }, { @@ -51,7 +51,7 @@ metadata: "url": "/api/multicloud-titaniumcloud/v1", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", - "enable_ssl": {{ .Values.config.ssl_enabled }}, + "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}, "visualRange": "1" } ]' diff --git a/kubernetes/multicloud/components/multicloud-windriver/values.yaml b/kubernetes/multicloud/components/multicloud-windriver/values.yaml index 1a6527b4cb..33802937cd 100644 --- a/kubernetes/multicloud/components/multicloud-windriver/values.yaml +++ b/kubernetes/multicloud/components/multicloud-windriver/values.yaml @@ -18,7 +18,7 @@ ################################################################# global: nodePortPrefix: 302 - artifactImage: onap/multicloud/framework-artifactbroker:1.7.3 + artifactImage: onap/multicloud/framework-artifactbroker:1.8.1 persistence: {} ################################################################# @@ -34,11 +34,12 @@ istioSidecar: true # application configuration config: ssl_enabled: true - msbprotocol: https msbgateway: msb-iag msbPort: 443 + msbPlainPort: 80 aai: - port: 8443 + aaiPort: 8443 + aaiPlainPort: 8080 schemaVersion: v13 username: AAI password: AAI diff --git a/kubernetes/multicloud/templates/deployment.yaml b/kubernetes/multicloud/templates/deployment.yaml index 53716e5f44..ff9dac1898 100644 --- a/kubernetes/multicloud/templates/deployment.yaml +++ b/kubernetes/multicloud/templates/deployment.yaml @@ -40,15 +40,15 @@ spec: containers: - env: - name: MSB_PROTO - value: {{ .Values.config.msbprotocol }} + value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}" - name: MSB_ADDR - value: {{ .Values.config.msbgateway }}.{{ include "common.namespace" . }} + value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" - name: MSB_PORT - value: "{{ .Values.config.msbPort }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}" - name: AAI_ADDR value: "aai.{{ include "common.namespace" . }}" - name: AAI_PORT - value: "{{ .Values.config.aai.port }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}" - name: AAI_SCHEMA_VERSION value: "{{ .Values.config.aai.schemaVersion }}" - name: AAI_USERNAME @@ -56,7 +56,7 @@ spec: - name: AAI_PASSWORD value: "{{ .Values.config.aai.password }}" - name: SSL_ENABLED - value: "{{ .Values.config.ssl_enabled }}" + value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}" resources: {{ include "common.resources" . | indent 12 }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} @@ -80,7 +80,7 @@ spec: httpGet: path: /api/multicloud/v0/swagger.json port: {{ .Values.service.internalPort }} - scheme: HTTPS + scheme: "{{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}" initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} diff --git a/kubernetes/multicloud/templates/service.yaml b/kubernetes/multicloud/templates/service.yaml index 3f950db038..1c483b0d2d 100644 --- a/kubernetes/multicloud/templates/service.yaml +++ b/kubernetes/multicloud/templates/service.yaml @@ -18,7 +18,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ .Values.service.portName }} + name: {{ .Values.service.name }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -33,7 +33,11 @@ metadata: "url": "/api/multicloud/v0", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", + {{if (include "common.needTLS" .) -}} "enable_ssl": {{ .Values.config.ssl_enabled }}, + {{- else -}} + "enable_ssl": false, + {{- end}} "visualRange": "1" }, { @@ -42,7 +46,7 @@ metadata: "url": "/api/multicloud/v1", "protocol": "REST", "port": "{{ .Values.service.externalPort }}", - "enable_ssl": {{ .Values.config.ssl_enabled }}, + "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}, "visualRange": "1" } ]' diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 977de08b6a..91dfa5cacb 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -18,7 +18,7 @@ ################################################################# global: nodePortPrefix: 302 - artifactImage: onap/multicloud/framework-artifactbroker:1.7.3 + artifactImage: onap/multicloud/framework-artifactbroker:1.8.1 prometheus: enabled: false persistence: {} @@ -28,7 +28,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/multicloud/framework:1.7.3 +image: onap/multicloud/framework:1.8.1 pullPolicy: Always #Istio sidecar injection policy @@ -57,13 +57,14 @@ multicloud-windriver: # application configuration config: ssl_enabled: true - msbprotocol: https msbgateway: msb-iag - msbPort: 443 logstashServiceName: log-ls logstashPort: 5044 + msbPort: 443 + msbPlainPort: 80 aai: - port: 8443 + aaiPort: 8443 + aaiPlainPort: 8080 schemaVersion: v13 username: AAI password: AAI @@ -87,7 +88,7 @@ liveness: service: type: ClusterIP name: multicloud - portName: multicloud-framework + portName: http externalPort: 9001 internalPort: 9001 nodePort: 91 diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml index 228302fed4..d0d81c57ba 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml @@ -16,7 +16,7 @@ global: # global defaults nodePortPrefix: 302 image: - optf_has: onap/optf-has:2.3.0 + optf_has: onap/optf-has:2.3.1 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml index a8c5dd216a..d6da75fd18 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.3.0 + optf_has: onap/optf-has:2.3.1 ################################################################# # Secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml index 0aaf4286cd..93a335d29d 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.3.0 + optf_has: onap/optf-has:2.3.1 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml index fd88273dce..651e832929 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.3.0 + optf_has: onap/optf-has:2.3.1 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml index 36c1945835..46ff033c82 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.3.0 + optf_has: onap/optf-has:2.3.1 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf index 22a20fe64e..78553d73af 100755 --- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf @@ -765,7 +765,7 @@ get_ta_list_url = "/api/v1/execute/ran-coverage-area/get_ta_list" # Base URL for DCAE, up to and not including the version, and without a # trailing slash. (string value) -server_url = https://{{.Values.config.dcae.service}}.{{ include "common.namespace" . }}:{{.Values.config.dcae.port}} +server_url = http://{{.Values.config.dcae.service}}.{{ include "common.namespace" . }}:{{.Values.config.dcae.port}} # Timeout for DCAE Rest Call (string value) #dcae_rest_timeout = 30 @@ -796,4 +796,4 @@ certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer # Password for DCAE. (string value) #password = -get_slice_config_url = "/api/v1/slices-config"
\ No newline at end of file +get_slice_config_url = "/api/v1/slices-config" diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml index 8a146a90b8..733b9209b5 100755 --- a/kubernetes/oof/components/oof-has/values.yaml +++ b/kubernetes/oof/components/oof-has/values.yaml @@ -19,7 +19,7 @@ global: commonConfigPrefix: onap-oof-has image: - optf_has: onap/optf-has:2.3.0 + optf_has: onap/optf-has:2.3.1 persistence: enabled: true @@ -160,4 +160,4 @@ etcd-init: resources: *etcd-resources # Python doesn't support well dollar sign in password -passwordStrengthOverride: basic
\ No newline at end of file +passwordStrengthOverride: basic diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index f5873b404e..0673cf2079 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -35,7 +35,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/optf-osdf:3.0.6 +image: onap/optf-osdf:3.0.7 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml index f05fbe1a08..e387cc8e55 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml @@ -28,7 +28,7 @@ namespace: onap # Deployment configuration deployment: name: oom-certservice-cmpv2issuer - image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.5.0 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.6.0 proxyImage: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 # fol local development use IfNotPresent pullPolicy: Always diff --git a/kubernetes/platform/components/oom-cert-service/values.yaml b/kubernetes/platform/components/oom-cert-service/values.yaml index 7778c03e34..d9c215cd9e 100644 --- a/kubernetes/platform/components/oom-cert-service/values.yaml +++ b/kubernetes/platform/components/oom-cert-service/values.yaml @@ -44,7 +44,7 @@ service: # Deployment configuration repository: "nexus3.onap.org:10001" -image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.5.0 +image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.6.0 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml index 4d9ff9250e..71320dc3eb 100755 --- a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml @@ -2,6 +2,7 @@ # ============LICENSE_START======================================================= # Copyright (C) 2018 Ericsson. All rights reserved. # Modifications Copyright (C) 2020 AT&T Intellectual Property. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -56,6 +57,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }} - name: RESTSERVER_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: apexconfig-input diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index db5251913e..f0fa193281 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -1,6 +1,7 @@ # ============LICENSE_START======================================================= # Copyright (C) 2018 Ericsson. All rights reserved. # Modifications Copyright (C) 2019-2021 AT&T Intellectual Property. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -44,12 +45,19 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.keyStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.7.3 +image: onap/policy-apex-pdp:2.8.0 pullPolicy: Always # flag to enable debugging - application support required @@ -160,3 +168,26 @@ metrics: chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' release: '{{ include "common.release" . }}' heritage: '{{ .Release.Service }}' + +# application configuration +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + policyPdpPapTopic: policy-pdp-pap +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. diff --git a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml index e6cf2b3571..92f580942e 100644 --- a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml +++ b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2022 Bell Canada. All rights reserved. +# Modifications Copyright (C) 2022 AT&T Intellectual Property. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -57,6 +58,7 @@ database: policy-preload: policyTypes: - policytypes/onap.policies.monitoring.tcagen2.yaml + - policytypes/onap.policies.monitoring.tcagen2.v2.yaml - policytypes/onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server.yaml - policytypes/onap.policies.monitoring.dcae-restconfcollector.yaml - policytypes/onap.policies.monitoring.dcae-pm-subscription-handler.yaml diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 0e3ada8956..45e54ed3aa 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.6.3 +image: onap/policy-api:2.7.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml index 406b59c545..bae5941854 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml @@ -23,18 +23,17 @@ spring: password: ${RESTSERVER_PASSWORD} {{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} -{{- end }} security: enable-csrf: false @@ -62,6 +61,29 @@ participant: - ${topicServer:message-router} topicCommInfrastructure: dmaap useHttps: true +# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below +# clampAutomationCompositionTopics: +# topicSources: +# - topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# fetchTimeout: 15000 +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} +# topicSinks: +# - topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} management: endpoints: diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml index 5f8aa3b5a1..697ce6ea47 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml @@ -78,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-http-ppnt:6.2.3 +image: onap/policy-clamp-ac-http-ppnt:6.3.0 pullPolicy: Always # application configuration diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index 6c14fd2207..00451b9425 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -21,20 +21,19 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} -{{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} +{{- if .Values.config.useStrimziKafka }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} -{{- end }} security: enable-csrf: false @@ -67,6 +66,32 @@ participant: topicCommInfrastructure: dmaap useHttps: true +# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below +# clampAutomationCompositionTopics: +# topicSources: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# fetchTimeout: 15000 +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} +# topicSinks: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} + management: endpoints: web: diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml index 2cf8d2d723..b8f6b9f3c4 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-k8s-ppnt:6.2.3 +image: onap/policy-clamp-ac-k8s-ppnt:6.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml index 856b16d91d..07d5eca377 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml @@ -21,20 +21,19 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} -{{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} +{{- if .Values.config.useStrimziKafka }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} -{{- end }} security: enable-csrf: false @@ -83,6 +82,32 @@ participant: topicCommInfrastructure: dmaap useHttps: true +# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below +# clampAutomationCompositionTopics: +# topicSources: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# fetchTimeout: 15000 +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} +# topicSinks: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} + management: endpoints: web: diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml index 6fefa02783..9d000f1018 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml @@ -90,7 +90,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-pf-ppnt:6.2.3 +image: onap/policy-clamp-ac-pf-ppnt:6.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index c23657c421..3442cdd3be 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -71,7 +71,7 @@ secrets: flavor: small # application image -image: onap/policy-clamp-backend:6.2.3 +image: onap/policy-clamp-backend:6.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml index 219be24079..4fb70fc337 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml @@ -44,19 +44,17 @@ spring: hibernate: dialect: org.hibernate.dialect.MariaDB103Dialect format_sql: true -{{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} +{{- if .Values.config.useStrimziKafka }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} -{{- end }} - -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} security: @@ -95,6 +93,32 @@ runtime: topicCommInfrastructure: dmaap useHttps: true +# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below +# topicParameterGroup: +# topicSources: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# fetchTimeout: 15000 +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} +# topicSinks: +# - +# topic: policy-acruntime-participant +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# useHttps: true +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} + management: endpoints: web: diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml index d224aa6bc4..87b613a3ef 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml @@ -85,7 +85,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-runtime-acm:6.2.3 +image: onap/policy-clamp-runtime-acm:6.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index d36f1c2275..fe1c720590 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -67,7 +67,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.7.3 +image: onap/policy-distribution:2.8.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf index 57fa29bc3d..c1e578733b 100755 --- a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf +++ b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf @@ -42,6 +42,9 @@ REPOSITORY_OFFLINE={{.Values.nexus.offline}} SQL_HOST={{ .Values.db.name }} SQL_PORT=3306 +JDBC_URL=jdbc:mariadb://{{ .Values.db.name }}:3306/ +JDBC_OPTS= +MYSQL_CMD= # Liveness LIVENESS_CONTROLLERS=* diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 74c743cb2b..d48d05fe44 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -41,7 +41,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.10.3 +image: onap/policy-pdpd-cl:1.11.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml index 60a6ce38c4..c605b6b6ea 100644 --- a/kubernetes/policy/components/policy-gui/values.yaml +++ b/kubernetes/policy/components/policy-gui/values.yaml @@ -73,7 +73,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-gui:2.2.3 +image: onap/policy-gui:2.3.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml index 195b087ff1..7cb32d0079 100644 --- a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml +++ b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2022 Bell Canada. All rights reserved. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -40,19 +41,17 @@ spring: naming: physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy -{{- if .Values.config.useStrimziKafka }} kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} +{{- if .Values.config.useStrimziKafka }} bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 security.protocol: SASL_PLAINTEXT properties.sasl: mechanism: SCRAM-SHA-512 jaas.config: ${JAASLOGIN} {{ else }} -{{ toYaml .Values.config.eventPublisher | nindent 2 }} -{{- end }} - -{{- if .Values.config.additional }} -{{ toYaml .Values.config.additional | nindent 2 }} +{{ toYaml .Values.config.eventConsumption | nindent 2 }} {{- end }} server: @@ -99,6 +98,15 @@ pap: - message-router useHttps: true topicCommInfrastructure: dmaap +# If Strimzi Kafka to be used for communication, replace following configuration for topicSources and topicSinks +# servers: +# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +# topicCommInfrastructure: kafka +# additionalProps: +# security.protocol: SASL_PLAINTEXT +# sasl.mechanism: SCRAM-SHA-512 +# sasl.jaas.config: ${JAASLOGIN} + healthCheckRestClientParameters: - clientName: api hostname: policy-api diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index 2c240d2347..0dc6dbe4dc 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -2,6 +2,7 @@ # Copyright (C) 2019 Nordix Foundation. # Modifications Copyright (C) 2019-2021 AT&T Intellectual Property. # Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -99,7 +100,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.6.3 +image: onap/policy-pap:2.7.0 pullPolicy: Always # flag to enable debugging - application support required @@ -211,7 +212,7 @@ config: kafkaBootstrap: strimzi-kafka-bootstrap kafka: consumer: - groupId: poicy-group + groupId: policy-group app: listener: policyPdpPapTopic: policy-pdp-pap diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/configmap.yaml index 64b7c0a126..3b1a12399e 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/templates/configmap.yaml @@ -1,6 +1,6 @@ {{/* # ============LICENSE_START======================================================= -# Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved. +# Copyright (C) 2019-2020, 2022 AT&T Intellectual Property. All rights reserved. # Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -36,4 +36,4 @@ binaryData: {{- end }} {{- end }} data: -{{ tpl (.Files.Glob "resources/config/*.{json,properties,xml}").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{sql,json,properties,xml}").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index e7e7eebefe..3a44719727 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.6.3 +image: onap/policy-xacml-pdp:2.7.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/templates/policy-kafka-user.yaml b/kubernetes/policy/templates/policy-kafka-user.yaml index 1bc7ab1d3a..43edb64c83 100644 --- a/kubernetes/policy/templates/policy-kafka-user.yaml +++ b/kubernetes/policy/templates/policy-kafka-user.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2022 Nordix Foundation +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -29,13 +30,21 @@ spec: - resource: type: group name: {{ .Values.config.acRuntimeTopic.consumer.groupId }} - operation: Read + operation: All - resource: type: topic name: {{ .Values.config.acRuntimeTopic.name }} - operation: Read + operation: All - resource: type: topic - name: {{ .Values.config.acRuntimeTopic.name }} - operation: Write + name: {{ .Values.config.policyPdpPapTopic.name }} + operation: All + - resource: + type: topic + name: {{ .Values.config.policyHeartbeatTopic.name }} + operation: All + - resource: + type: topic + name: {{ .Values.config.policyNotificationTopic.name }} + operation: All {{- end }} diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index d7d556a39f..1c73e645b9 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -176,7 +176,7 @@ mariadb: image: mariadb:10.5.8 dbmigrator: - image: onap/policy-db-migrator:2.4.3 + image: onap/policy-db-migrator:2.5.0 schema: policyadmin policy_home: "/opt/app/policy" @@ -237,6 +237,7 @@ config: segmentBytes: 1073741824 consumer: groupId: policy-group + someConfig: blah mariadb-galera: # mariadb-galera.config and global.mariadb.config must be equals diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index 63d266b75c..709877943c 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -110,7 +110,7 @@ docker_temp_server_start() { # only use the root password if the database has already been initializaed # so that it won't try to fill in a password file when it hasn't been set yet extraArgs="" - if [ -z "$DATABASE_ALREADY_EXISTS" ]; then + if [ "$DATABASE_ALREADY_EXISTS" = "false" ]; then extraArgs=${extraArgs}" --dont-use-mysql-root-password" fi if echo 'SELECT 1' |docker_process_sql ${extraArgs} --database=mysql >/dev/null 2>&1; then @@ -344,7 +344,7 @@ _main() { fi # there's no database, so it needs to be initialized - if [ -z "$DATABASE_ALREADY_EXISTS" ]; then + if [ "$DATABASE_ALREADY_EXISTS" = "false" ]; then docker_verify_minimum_env # check dir permissions to reduce likelihood of half-initialized database diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index 2da601b26c..dc3b669526 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -35,8 +35,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.11.6 -backendInitImage: onap/sdc-backend-init:1.11.6 +image: onap/sdc-backend-all-plugins:1.11.9 +backendInitImage: onap/sdc-backend-init:1.11.9 pullPolicy: Always diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index d126aecbaf..46208a21c6 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -51,8 +51,8 @@ cassandra: # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.11.6 -cassandraInitImage: onap/sdc-cassandra-init:1.11.6 +image: onap/sdc-cassandra:1.11.9 +cassandraInitImage: onap/sdc-cassandra-init:1.11.9 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 722f6130a5..5e0c8da5fb 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -47,7 +47,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-frontend:1.11.6 +image: onap/sdc-frontend:1.11.9 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index 91363a83ed..45cbcd617a 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-onboard-backend:1.11.6 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.6 +image: onap/sdc-onboard-backend:1.11.9 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.9 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/uui/components/uui-server/values.yaml b/kubernetes/uui/components/uui-server/values.yaml index d279163690..edeef7af9a 100644 --- a/kubernetes/uui/components/uui-server/values.yaml +++ b/kubernetes/uui/components/uui-server/values.yaml @@ -63,7 +63,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/usecase-ui-server:4.0.7 +image: onap/usecase-ui-server:5.1.1 pullPolicy: Always # application configuration diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml index f133ad5a27..10d9a253ba 100644 --- a/kubernetes/uui/values.yaml +++ b/kubernetes/uui/values.yaml @@ -57,7 +57,7 @@ subChartsOnly: flavor: small # application image -image: onap/usecase-ui:4.0.7 +image: onap/usecase-ui:5.1.0 pullPolicy: Always # application configuration |