diff options
46 files changed, 390 insertions, 81 deletions
diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index 6f372f9bd9..a232d53c84 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -76,7 +76,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index b1f8c085b8..fdb243de0a 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -77,7 +77,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 1dd374c4dc..b03032677e 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -40,7 +40,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index b1c8fdd221..921d2dc832 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -84,7 +84,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 62d1d2eabd..aa0e376b29 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -231,7 +231,7 @@ global: # global defaults version: # Current version of the REST API api: - default: v26 + default: v24 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl index 7fee67a7a4..f2741079c7 100644 --- a/kubernetes/common/common/templates/_ingress.tpl +++ b/kubernetes/common/common/templates/_ingress.tpl @@ -13,11 +13,18 @@ http: paths: - backend: - serviceName: {{ .name }} - servicePort: {{ .port }} + service: + name: {{ .name }} + port: + {{- if kindIs "string" .port }} + name: {{ .port }} + {{- else }} + number: {{ .port }} + {{- end }} {{- if .path }} path: {{ .path }} {{- end }} + pathType: ImplementationSpecific {{- end }} {{- end -}} @@ -69,7 +76,7 @@ nginx.ingress.kubernetes.io/ssl-redirect: "false" {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" (default (dict) .Values.global.ingress) "var" "enabled") }} {{- $ingressEnabled := include "common.ingress._overrideIfDefined" (dict "currVal" $ingressEnabled "parent" .Values.ingress "var" "enabledOverride") }} {{- if $ingressEnabled }} -apiVersion: networking.k8s.io/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "common.fullname" . }}-ingress diff --git a/kubernetes/common/common/templates/_serviceMonitor.tpl b/kubernetes/common/common/templates/_serviceMonitor.tpl index eb6c047c2f..81d7a74578 100644 --- a/kubernetes/common/common/templates/_serviceMonitor.tpl +++ b/kubernetes/common/common/templates/_serviceMonitor.tpl @@ -110,8 +110,12 @@ namespace: {{ $dot.Values.metrics.serviceMonitor.namespace }} {{- else }} namespace: {{ include "common.namespace" $dot }} {{- end }} +{{- if $dot.Values.metrics.serviceMonitor.labels }} +labels: {{- include "common.tplValue" ( dict "value" $dot.Values.metrics.serviceMonitor.labels "context" $dot) | nindent 2 }} +{{- else }} labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent 2 }} {{- end -}} +{{- end -}} {{/* Create service monitor template @@ -133,14 +137,31 @@ spec: {{- else }} port: metrics {{- end }} + {{- if $dot.Values.metrics.serviceMonitor.isHttps }} + scheme: https + {{- if $dot.Values.metrics.serviceMonitor.tlsConfig }} + tlsConfig: {{- include "common.tplValue" ( dict "value" $dot.Values.metrics.serviceMonitor.tlsConfig "context" $dot) | nindent 6 }} + {{- else }} + tlsConfig: + insecureSkipVerify: true + {{- end }} + {{- end }} {{- if $dot.Values.metrics.serviceMonitor.basicAuth.enabled }} basicAuth: username: key: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretUserKey }} + {{- if $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }} + name: {{ include "common.release" . }}-{{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }} + {{- else }} name: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretName }} + {{- end }} password: key: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretPasswordKey }} + {{- if $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }} + name: {{ include "common.release" . }}-{{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretNameSuffix }} + {{- else }} name: {{ $dot.Values.metrics.serviceMonitor.basicAuth.externalSecretName }} + {{- end }} {{- end }} {{- if $dot.Values.metrics.serviceMonitor.interval }} interval: {{ $dot.Values.metrics.serviceMonitor.interval }} diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 210fbd02ba..4248cfe85c 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -15,7 +15,7 @@ # limitations under the License. */}} -{{- if .Values.backup.enabled }} +{{- if and .Values.backup.enabled .Values.persistence.enabled }} apiVersion: batch/v1beta1 kind: CronJob metadata: @@ -37,7 +37,10 @@ spec: - name: mariadb-galera-backup-init image: {{ include "repositoryGenerator.image.mariadb" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{ include "common.containerSecurityContext" . | indent 14 | trim }} + securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: false command: - /bin/bash - -c @@ -52,7 +55,7 @@ spec: target_dir=/backup/backup-`date +%s` mkdir -p $target_dir - mysqlhost={{ include "common.servicename" . }}.{{ include "common.namespace" . }} + mysqlhost={{ include "common.fullname" . }}-0.{{ include "common.servicename" . }}-headless.{{ include "common.namespace" . }} mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost @@ -78,13 +81,18 @@ spec: volumeMounts: - name: backup-dir mountPath: /backup + - name: data + mountPath: /bitnami/mariadb containers: - name: mariadb-backup-validate image: {{ include "repositoryGenerator.image.mariadb" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{ include "common.containerSecurityContext" . | indent 14 | trim }} + securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: false env: - - name: MYSQL_ROOT_PASSWORD + - name: MARIADB_ROOT_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }} command: - /bin/bash @@ -105,17 +113,17 @@ spec: fi target_dir=$(ls -td -- /backup/backup-* | head -n 1) - cp -Ra $target_dir/* /var/lib/mysql/ + cp -Ra $target_dir/* /bitnami/mariadb/data - if [ ! "$(ls -A /var/lib/mysql)" ]; then + if [ ! "$(ls -A /bitnami/mariadb/data)" ]; then remove_dir $target_dir exit 0 fi - /docker-entrypoint.sh mysqld & + /opt/bitnami/scripts/mariadb/entrypoint.sh /opt/bitnami/scripts/mariadb/run.sh & count=0 - until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -e "SELECT 1"; + until mysql --user=root --password=$MARIADB_ROOT_PASSWORD -e "SELECT 1"; do sleep 3; count=`expr $count + 1`; if [ $count -ge 30 ]; then @@ -124,7 +132,7 @@ spec: fi; done - mysqlcheck -A --user=root --password=$MYSQL_ROOT_PASSWORD > /tmp/output.log + mysqlcheck -A --user=root --password=$MARIADB_ROOT_PASSWORD > /tmp/output.log error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l` cat /tmp/output.log @@ -142,6 +150,10 @@ spec: fi resources: {{ include "common.resources" . | nindent 12 }} volumeMounts: + - mountPath: /bitnami/mariadb/data + name: tmp-data + - mountPath: /opt/bitnami/mariadb/tmp + name: tmp - mountPath: /etc/localtime name: localtime readOnly: true @@ -153,7 +165,18 @@ spec: - name: localtime hostPath: path: /etc/localtime + - name: data + persistentVolumeClaim: + {{- if .Values.persistence.existingClaim }} + claimName: {{ .Values.persistence.existingClaim }} + {{- else }} + claimName: {{ include "common.fullname" . }}-{{ include "common.fullname" . }}-0 + {{- end }} - name: backup-dir persistentVolumeClaim: claimName: {{ include "common.fullname" . }}-backup-data + - name: tmp-data + emptyDir: {} + - name: tmp + emptyDir: {} {{- end }} diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 9f7c882134..d65c4f7943 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -174,6 +174,8 @@ galera: # password: # externalSecret: +## The backup job will mount the mariadb data pvc in order to run mariabackup. +## For this reason the db data pvc needs to have accessMode: ReadWriteMany. backup: enabled: false cron: "00 00 * * *" @@ -458,6 +460,7 @@ persistence: ## annotations: ## Persistent Volume Access Mode + ## Use ReadWriteMany if backup is enabled, see backup section. ## accessMode: ReadWriteOnce ## Persistent Volume size diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index ef49f8c5d4..ef846034d0 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -1,7 +1,7 @@ {{/* #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. # Copyright (c) 2021 Nokia. All rights reserved. # Copyright (c) 2021 Nordix Foundation. @@ -176,7 +176,7 @@ The Deployment always includes a single Pod, with a container that uses the DCAE microservice image. The Deployment Pod may also include a logging sidecar container. -The sidecar is included if .Values.logDirectory is set. The +The sidecar is included if .Values.log.path is set. The logging sidecar and the DCAE microservice container share a volume where the microservice logs are written. @@ -222,7 +222,8 @@ policies: */}} {{- define "dcaegen2-services-common.microserviceDeployment" -}} -{{- $logDir := default "" .Values.log.path -}} +{{- $log := default dict .Values.log -}} +{{- $logDir := default "" $log.path -}} {{- $certDir := default "" .Values.certDirectory . -}} {{- $tlsServer := default "" .Values.tlsServer -}} {{- $commonRelease := print (include "common.release" .) -}} diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml index 2ce6c89775..d53a83daa4 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml @@ -1,6 +1,7 @@ # ================================ LICENSE_START ========================== # ========================================================================= # Copyright (c) 2021 Nordix Foundation. +# Copyright (c) 2022 Nokia. All rights reserved. # ========================================================================= # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -51,7 +52,7 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice- # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.6.1 +image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.7.1 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -96,7 +97,6 @@ certificates: readinessCheck: wait_for: containers: - - dcae-config-binding-service - aaf-cm - dmaap-bc - dmaap-provisioning-job @@ -120,12 +120,6 @@ service: plain_port: 8100 port_protocol: http -# Environment variables -applicationEnv: -# Empty path forces DFC to use Consul configuration, which allows app runtime reconfiguration. -# It's a workaround because DMAAP specific env variables are not available in main container. - CBS_CLIENT_CONFIG_PATH: '' - # Data Router Publisher Credentials drPubscriberCreds: username: username diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml index 07306e1286..ec320ebef8 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/values.yaml @@ -79,7 +79,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-datalake-postgres diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml index 4ed0a83677..c325569de5 100644 --- a/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/values.yaml @@ -79,7 +79,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-heartbeat-postgres diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 65a5d04d80..a8a30f4d12 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -93,7 +93,6 @@ certificates: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml index 037dd0aec0..8425024ba6 100644 --- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml @@ -78,7 +78,6 @@ policies: # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # Probe Configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml index 39c4a8ed50..0d28683feb 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml @@ -1,6 +1,7 @@ # ================================ LICENSE_START ========================== # ========================================================================= # Copyright (C) 2021 Nordix Foundation. +# Copyright (c) 2022 Nokia. All rights reserved. # ========================================================================= # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -55,7 +56,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1. # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.pm-mapper:1.7.2 +image: onap/org.onap.dcaegen2.services.pm-mapper:1.8.0 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -78,7 +79,6 @@ tlsServer: true readinessCheck: wait_for: containers: - - dcae-config-binding-service - aaf-cm - dmaap-bc - dmaap-provisioning-job @@ -131,14 +131,14 @@ credentials: # Initial Application Configuration applicationConfig: enable_tls: true - enable_http: false - aaf_identity: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} + enable_http: true + aaf_identity: "" + aaf_password: "" pm-mapper-filter: "{ \"filters\":[] }" - key_store_path: /opt/app/pm-mapper/etc/cert/cert.jks - key_store_pass_path: /opt/app/pm-mapper/etc/cert/jks.pass - trust_store_path: /opt/app/pm-mapper/etc/cert/trust.jks - trust_store_pass_path: /opt/app/pm-mapper/etc/cert/trust.pass + key_store_path: "" + key_store_pass_path: "" + trust_store_path: "" + trust_store_pass_path: "" dmaap_dr_delete_endpoint: https://dmaap-dr-node:8443/delete streams_publishes: dmaap_publisher: @@ -147,7 +147,7 @@ applicationConfig: client_id: ${MR_FILES_PUBLISHER_CLIENT_ID_0} location: san-francisco client_role: org.onap.dcae.pmPublisher - topic_url: http://message-router:3904/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS + topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS streams_subscribes: dmaap_subscriber: type: data_router diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml index 4bdd2b8088..80014e7528 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml @@ -57,7 +57,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1. # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.pmsh:1.3.2 +image: onap/org.onap.dcaegen2.services.pmsh:2.0.0 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -79,7 +79,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-pmsh-postgres diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml index a4ed6994f7..7886ed75a8 100644 --- a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml @@ -1,6 +1,7 @@ #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2022 Nokia. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -40,7 +41,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1. # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1 +image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.8.0 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -69,7 +70,6 @@ secrets: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml index 543b79b9c0..4c736c49f0 100644 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml @@ -51,7 +51,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1. # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.2.7 +image: onap/org.onap.dcaegen2.collectors.restconfcollector:1.3.2 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -73,7 +73,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # Probe Configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml index 6cebca6412..849738e8e2 100644 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -1,6 +1,6 @@ # ============= LICENSE_START ================================================ # ============================================================================ -# Copyright (C) 2021 Wipro Limited. +# Copyright (C) 2021-2022 Wipro Limited. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -57,7 +57,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1. # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.6 +image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.7 # Log directory where logging sidecar should look for log files # if path is set to null sidecar won't be deployed in spite of @@ -78,7 +78,6 @@ tlsServer: true # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-sliceanalysisms-postgres @@ -121,8 +120,6 @@ credentials: # Initial Application Configuration applicationConfig: - aafUsername: ${AAF_IDENTITY} - aafPassword: ${AAF_PASSWORD} postgres.host: dcae-sliceanalysisms-pg-primary postgres.port: 5432 postgres.username: ${PG_USERNAME} @@ -144,32 +141,35 @@ applicationConfig: sliceanalysisms.samples: 3 sliceanalysisms.minPercentageChange: 5 sliceanalysisms.initialDelaySeconds: 120000 + sliceanalysisms.rannfnssiDetailsTemplateId: get-rannfnssiid-details + sliceanalysisms.desUrl: http://dl-des:1681/datalake/v1/exposure/pm_data + sliceanalysisms.pmDataDurationInWeeks: 4 streams_publishes: CL_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.DCAE_CL_OUTPUT + topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT streams_subscribes: performance_management_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS + topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS intelligent_slicing_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.ML_RESPONSE_TOPIC + topic_url: http://message-router:3904/events/unauthenticated.ML_RESPONSE_TOPIC dcae_cl_response_topic: type: message-router aaf_username: ${AAF_IDENTITY} aaf_password: ${AAF_PASSWORD} dmaap_info: - topic_url: https://message-router.onap.svc.cluster.local:3905/events/DCAE_CL_RSP + topic_url: http://message-router:3904/events/DCAE_CL_RSP applicationEnv: STANDALONE: 'false' diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml index 51ec337724..25f0c3b730 100644 --- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/values.yaml @@ -57,10 +57,11 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}' # and key from AAF and mount them in certDirectory. tlsServer: true + # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service + - message-router # Probe Configuration readiness: diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml index 9aa5d707ba..8d45290fb2 100644 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -91,7 +91,6 @@ policies: # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm - &postgresName dcae-sonhms-postgres diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml index a65fa7c347..cb03d89d25 100644 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml @@ -71,7 +71,6 @@ secrets: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml index 508cea4766..13b71ec44d 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml @@ -1,7 +1,7 @@ #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2021 J. F. Lucas. All rights reserved. -# Copyright (c) 2021 Nokia. All rights reserved. +# Copyright (c) 2021-2022 Nokia. All rights reserved. # Copyright (c) 2022 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -43,7 +43,7 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice- # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.3 +image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.11.0 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -87,7 +87,6 @@ certificates: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml index d11f167acf..c9ee185984 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/values.yaml @@ -40,7 +40,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1. # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.2 +image: onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:1.3.3 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -62,7 +62,6 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}' # Dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # Service Configuration @@ -77,6 +76,9 @@ service: # application environments applicationEnv: LOG4J_FORMAT_MSG_NO_LOOKUPS: 'true' + CONFIG_BINDING_SERVICE_SERVICE_PORT: '10000' # Workaround until DCAEGEN2-3098 is addressed + CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + # Initial Application Configuration applicationConfig: diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index b1671f00f5..417d968ac9 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -98,8 +98,8 @@ default_k8s_location: central # Use to override default setting in blueprints componentImages: tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.1 - ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1 - prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1 + ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.11.0 + prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.8.0 hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.10.0 # Resource Limit flavor -By Default using small diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml index 2c276a7827..d4452480a0 100644 --- a/kubernetes/dcaegen2/values.yaml +++ b/kubernetes/dcaegen2/values.yaml @@ -48,7 +48,7 @@ dcae-cloudify-manager: config: cloudifyManagerPasswordExternalSecret: *cmPassSecretName dcae-config-binding-service: - enabled: true + enabled: false dcae-dashboard: enabled: false config: @@ -58,7 +58,7 @@ dcae-deployment-handler: config: cloudifyManagerPasswordExternalSecret: *cmPassSecretName dcae-healthcheck: - enabled: true + enabled: false dcae-inventory-api: enabled: false dcae-policy-handler: diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml index dee6adddc2..555e63767e 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Istanbul" +appVersion: "Jakarta" description: TBD name: TBD version: TBD @@ -41,3 +41,7 @@ dependencies: - name: serviceAccount version: ~10.x-0 repository: '@local' + - name: mongo + version: ~10.x-0 + repository: '@local' + condition: mongo.enabled diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml index 139e3d308f..7609ba6568 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2021-2022 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -48,10 +48,32 @@ dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-syn postgres: enabled: false +#mongo enable/disable +mongo: + enabled: false + nameOverride: dcae-mongo + config: + dbName: dcaecommondb + service: + name: dcae-mongohost + internalPort: 27017 + nfsprovisionerPrefix: dcaemongo + sdnctlPrefix: tcagen2 + persistence: + mountSubPath: dcae/mongo/data + enabled: true + disableNfsProvisioner: true + # log directory where logging sidecar should look for log files # if absent, no sidecar will be deployed #logDirectory: TBD #/opt/app/VESCollector/logs #DONE +# Following requires manual override until fix for DCAEGEN2-3087 +# is available to switch logDirectory setting to log.path +log: + path: /opt/app/ +logConfigMapNamePrefix: '{{ include "common.fullname" . }}' + # directory where TLS certs should be stored # if absent, no certs will be retrieved and stored #certDirectory: TBD #/opt/app/dcae-certificate #DONE @@ -64,7 +86,6 @@ postgres: # dependencies readinessCheck: wait_for: - - dcae-config-binding-service - aaf-cm # probe configuration #NEED DISCUSSION diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index e7d3fa2fa2..5c50381309 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -93,7 +93,7 @@ readiness: # application image -image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.1 +image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.2 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 6ad3e454d7..d1d2c54833 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -44,7 +44,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-node:2.1.9 +image: onap/dmaap/datarouter-node:2.1.10 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index 9e6effac8b..12eb1fb041 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -42,7 +42,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/dmaap/datarouter-prov:2.1.9 +image: onap/dmaap/datarouter-prov:2.1.10 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index f92bfa78bc..9306985d33 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -87,7 +87,7 @@ uui: vfc: enabled: true vid: - enabled: true + enabled: false vnfsdk: enabled: true modeling: diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 73f96d3eb8..f5b5c8ed7d 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -135,7 +135,7 @@ global: # default password complexity # available options: phrase, name, pin, basic, short, medium, long, maximum security - # More datails: https://masterpassword.app/masterpassword-algorithm.pdf + # More datails: https://www.masterpasswordapp.com/masterpassword-algorithm.pdf passwordStrength: long # configuration to set log level to all components (the one that are using diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml index 248d3afd57..bc129beb3e 100755 --- a/kubernetes/oof/components/oof-has/values.yaml +++ b/kubernetes/oof/components/oof-has/values.yaml @@ -155,3 +155,6 @@ etcd-init: keyPrefix: conductor flavor: *etcd-flavor resources: *etcd-resources + +# Python doesn't support well dollar sign in password +passwordStrengthOverride: basic
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml new file mode 100644 index 0000000000..dbf6a7cd6a --- /dev/null +++ b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml @@ -0,0 +1,23 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index 48e6802219..7bb430ad29 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -139,3 +139,27 @@ serviceAccount: nameOverride: policy-apex-pdp roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-apex-pdp + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-apex-pdp-restserver-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' diff --git a/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml new file mode 100644 index 0000000000..dbf6a7cd6a --- /dev/null +++ b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml @@ -0,0 +1,23 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index e037c64e15..4dfdcae152 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -149,3 +149,27 @@ serviceAccount: nameOverride: policy-api roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-api + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-api-user-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index 184adb6f0a..7227ee8ded 100644 --- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -63,7 +63,7 @@ server: logging: # Configuration of logging level: - ROOT: ERROR + ROOT: INFO org.springframework: ERROR org.springframework.data: ERROR org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR @@ -74,4 +74,12 @@ logging: chart: api: - enabled: false
\ No newline at end of file + enabled: false + +# Sample Permitted list of helm repositories. Before deployment update the repositories where the helm charts are located. +# The Kubernetes participant accept only HTTPS Address +helm: + repos: + - + repoName: bitnami + address: https://charts.bitnami.com/bitnami
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml new file mode 100644 index 0000000000..dbf6a7cd6a --- /dev/null +++ b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml @@ -0,0 +1,23 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index 42caed4163..e8f8ad6099 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -161,3 +161,27 @@ serviceAccount: nameOverride: policy-distribution roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-distribution + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-distribution-restserver-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' diff --git a/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml new file mode 100644 index 0000000000..dbf6a7cd6a --- /dev/null +++ b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml @@ -0,0 +1,23 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index a31de712ef..3ef235631a 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -175,3 +175,22 @@ serviceAccount: nameOverride: policy-pap roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: http-api + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-pap-user-creds + externalSecretUserKey: login + externalSecretPasswordKey: password diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml new file mode 100644 index 0000000000..dbf6a7cd6a --- /dev/null +++ b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml @@ -0,0 +1,23 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (c) 2022 Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +{{- if .Values.prometheus.enabled }} +{{ include "common.serviceMonitor" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 718c222307..e0d8b798a4 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -158,3 +158,27 @@ serviceAccount: nameOverride: policy-xacml-pdp roles: - read + +prometheus: + enabled: true + +metrics: + serviceMonitor: + # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. + # The default operator for prometheus enforces the below label. + labels: + release: prometheus + enabled: true + port: policy-xacml-pdp + interval: 60s + isHttps: true + basicAuth: + enabled: true + externalSecretNameSuffix: policy-xacml-pdp-restserver-creds + externalSecretUserKey: login + externalSecretPasswordKey: password + selector: + app: '{{ include "common.name" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' |