diff options
21 files changed, 130 insertions, 63 deletions
diff --git a/kubernetes/Makefile b/kubernetes/Makefile index db361fb5be..ca46ad8fe0 100644 --- a/kubernetes/Makefile +++ b/kubernetes/Makefile @@ -32,7 +32,7 @@ SUBMODS := robot aai EXCLUDES := config oneclick readiness test dist helm $(PARENT_CHART) dcae $(SUBMODS) HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) $(PARENT_CHART) -.PHONY: $(EXCLUDES) $(HELM_CHARTS) +.PHONY: $(EXCLUDES) $(HELM_CHARTS) check-for-staging-images all: $(COMMON_CHARTS_DIR) $(SUBMODS) $(HELM_CHARTS) plugins @@ -96,5 +96,10 @@ repo: repo-stop: @pkill $(HELM_BIN) @$(HELM_BIN) repo remove local + +check-for-staging-images: + $(ROOT_DIR)/contrib/tools/check-for-staging-images.sh + %: @: + diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml index ac26f9b575..21a86a0fe1 100644 --- a/kubernetes/a1policymanagement/values.yaml +++ b/kubernetes/a1policymanagement/values.yaml @@ -30,7 +30,7 @@ secrets: passwordPolicy: required repository: nexus3.onap.org:10001 -image: onap/ccsdk-oran-a1policymanagementservice:1.1.0 +image: onap/ccsdk-oran-a1policymanagementservice:1.0.1 pullPolicy: IfNotPresent replicaCount: 1 diff --git a/kubernetes/clamp/components/clamp-backend/templates/deployment.yaml b/kubernetes/clamp/components/clamp-backend/templates/deployment.yaml index 23fab7a6e0..1591efb8b4 100644 --- a/kubernetes/clamp/components/clamp-backend/templates/deployment.yaml +++ b/kubernetes/clamp/components/clamp-backend/templates/deployment.yaml @@ -59,19 +59,16 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{- if .Values.global.aafEnabled }} command: - sh workingDir: "/opt/clamp/" args: - -c - | + {{- if .Values.global.aafEnabled }} export $(grep '^cadi_' {{ .Values.certInitializer.credsPath }}/org.onap.clamp.cred.props | xargs -0) - java -Djava.security.egd=file:/dev/./urandom -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=75 -jar ./app.jar - {{- else }} - args: - - "" {{- end }} + java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./app.jar ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -104,15 +101,16 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} - name: MYSQL_DATABASE value: {{ tpl .Values.db.databaseName .}} - resources: -{{ include "common.resources" . | indent 12 }} + {{- if ne "unlimited" (include "common.flavor" .) }} + - name: JAVA_RAM_CONFIGURATION + value: -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=75 + {{- end }} + resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} + affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: {{ include "common.fullname" . }}-config diff --git a/kubernetes/clamp/components/clamp-backend/values.yaml b/kubernetes/clamp/components/clamp-backend/values.yaml index c3fee5d79e..6478809cbc 100644 --- a/kubernetes/clamp/components/clamp-backend/values.yaml +++ b/kubernetes/clamp/components/clamp-backend/values.yaml @@ -31,18 +31,18 @@ global: # global defaults certInitializer: permission_user: 1000 permission_group: 999 - keystoreFile: "org.onap.clamp.p12" - truststoreFile: "org.onap.clamp.trust.jks" - keyFile: "org.onap.clamp.keyfile" - truststoreFileONAP: "truststoreONAPall.jks" + keystoreFile: 'org.onap.clamp.p12' + truststoreFile: 'org.onap.clamp.trust.jks' + keyFile: 'org.onap.clamp.keyfile' + truststoreFileONAP: 'truststoreONAPall.jks' nameOverride: clamp-backend-cert-initializer aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! fqdn: clamp fqi: clamp@clamp.onap.org public_fqdn: clamp.onap.org - cadi_longitude: "-72.0" - cadi_latitude: "38.0" + cadi_longitude: '-72.0' + cadi_latitude: '38.0' app_ns: org.osaaf.aaf credsPath: /opt/app/osaaf/local aaf_add_config: > @@ -66,7 +66,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-backend:5.1.3 +image: onap/clamp-backend:5.1.4 pullPolicy: Always # flag to enable debugging - application support required @@ -126,23 +126,23 @@ ingress: enabled: false #resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # - # Example: - # Configure resource requests and limits - # ref: http://kubernetes.io/docs/user-guide/compute-resources/ - # Minimum memory for development is 2 CPU cores and 4GB memory - # Minimum memory for production is 4 CPU cores and 8GB memory +# We usually recommend not to specify default resources and to leave this as a conscious +# choice for the user. This also increases chances charts run on environments with little +# resources, such as Minikube. If you do want to specify resources, uncomment the following +# lines, adjust them as necessary, and remove the curly braces after 'resources:'. +# +# Example: +# Configure resource requests and limits +# ref: http://kubernetes.io/docs/user-guide/compute-resources/ +# Minimum memory for development is 2 CPU cores and 4GB memory +# Minimum memory for production is 4 CPU cores and 8GB memory resources: small: limits: cpu: 1 memory: 1Gi requests: - cpu: 10m + cpu: 1m memory: 1Gi large: limits: diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index 0a8a7b643a..9dcad58839 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -93,7 +93,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-frontend:5.1.3 +image: onap/clamp-frontend:5.1.4 pullPolicy: Always # flag to enable debugging - application support required @@ -175,7 +175,7 @@ resources: cpu: 1 memory: 200Mi requests: - cpu: 10m + cpu: 1m memory: 50Mi large: limits: diff --git a/kubernetes/consul/charts/consul-server/templates/statefulset.yaml b/kubernetes/consul/charts/consul-server/templates/statefulset.yaml index 430b6dd1bd..d572ec2d54 100644 --- a/kubernetes/consul/charts/consul-server/templates/statefulset.yaml +++ b/kubernetes/consul/charts/consul-server/templates/statefulset.yaml @@ -42,8 +42,10 @@ spec: containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" - command: ["/usr/local/bin/docker-entrypoint.sh"] + command: + - sh args: + - /usr/local/bin/docker-entrypoint.sh - "agent" - "-bootstrap-expect={{ .Values.replicaCount }}" - "-enable-script-checks" diff --git a/kubernetes/consul/templates/deployment.yaml b/kubernetes/consul/templates/deployment.yaml index 51c6eb72d5..6f1c57967f 100644 --- a/kubernetes/consul/templates/deployment.yaml +++ b/kubernetes/consul/templates/deployment.yaml @@ -39,15 +39,34 @@ spec: spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" + initContainers: + - name: {{ include "common.name" . }}-chown + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} + command: + - sh + args: + - -c + - | + cp -r -L /tmp/consul/config/* /consul/config/ + chown -R {{ .Values.consulUID }}:{{ .Values.consulGID }} /consul/config + ls -la /consul/config + volumeMounts: + - mountPath: /tmp/consul/config + name: consul-agent-config + - mountPath: /consul/config + name: consul-agent-config-dir containers: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" command: - - /bin/sh - - "-c" - - | - apk update && apk add jq - cp /tmp/consul/config/* /consul/config - /usr/local/bin/docker-entrypoint.sh agent -client 0.0.0.0 -enable-script-checks -retry-join {{ .Values.consulServer.nameOverride }} + - sh + args: + - /usr/local/bin/docker-entrypoint.sh + - agent + - -client + - 0.0.0.0 + - -enable-script-checks + - -retry-join + - {{ .Values.consulServer.nameOverride }} name: {{ include "common.name" . }} env: - name: SDNC_ODL_COUNT @@ -55,14 +74,16 @@ spec: - name: SDNC_IS_PRIMARY_CLUSTER value: "{{ .Values.sdnc.config.isPrimaryCluster }}" volumeMounts: - - mountPath: /tmp/consul/config - name: consul-agent-config + - mountPath: /consul/config + name: consul-agent-config-dir - mountPath: /consul/scripts name: consul-agent-scripts-config - mountPath: /consul/certs name: consul-agent-certs-config resources: {{ include "common.resources" . | nindent 10 }} volumes: + - name: consul-agent-config-dir + emptyDir: {} - configMap: name: {{ include "common.fullname" . }}-configmap name: consul-agent-config diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml index 512c4c3dac..8f17dc637f 100644 --- a/kubernetes/consul/values.yaml +++ b/kubernetes/consul/values.yaml @@ -20,19 +20,24 @@ global: readinessImage: onap/oom/readiness:3.0.1 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + busyboxRepository: registry.hub.docker.com + busyboxImage: library/busybox:latest ################################################################# # Application configuration defaults. ################################################################# # application image repository: docker.io -image: oomk8s/consul:1.0.0 +image: oomk8s/consul:2.0.0 pullPolicy: Always #subchart name consulServer: nameOverride: consul-server +consulUID: 100 +consulGID: 1000 + # flag to enable debugging - application support required debugEnabled: false diff --git a/kubernetes/contrib/tools/check-for-staging-images.sh b/kubernetes/contrib/tools/check-for-staging-images.sh new file mode 100755 index 0000000000..ce51b30b58 --- /dev/null +++ b/kubernetes/contrib/tools/check-for-staging-images.sh @@ -0,0 +1,46 @@ +#!/bin/bash + +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +BASE_URL="https://nexus3.onap.org/repository/docker.release" + +if [ "$GERRIT_BRANCH" == "staging" ]; then + exit 0 +fi + +USED_IMAGES=$(grep -r -E -o -h ':\s*onap/.*:.*' | sed -e 's/^: //' -e 's/^ //' | sort | uniq) +REPO_IMAGES=$(curl -s $BASE_URL/v2/_catalog | jq -r '.repositories[]') +NOT_AVAILABLE_IMAGES=$(echo "$USED_IMAGES" | grep -vE "$(echo "$REPO_IMAGES" | tr "\n" "|" | sed 's/|$//')") +USED_IMAGES=$(echo "$USED_IMAGES" | grep -E "$(echo "$REPO_IMAGES" | tr "\n" "|" | sed 's/|$//')") +for i in $USED_IMAGES; do + TMP_IMG=$(echo "$i" | cut -d ":" -f1) + TMP_TAG=$(echo "$i" | cut -d ":" -f2) + if [ "$LAST_IMG" != "$TMP_IMG" ]; then + AVAILABLE_TAGS=$(curl -s $BASE_URL/v2/$TMP_IMG/tags/list | jq -r '.tags[]') + fi + if ! echo "$AVAILABLE_TAGS" | grep "$TMP_TAG" > /dev/null; then + NOT_AVAILABLE_IMAGES="$NOT_AVAILABLE_IMAGES\n$i" + fi + LAST_IMG="$TMP_IMG" + printf "." +done +printf "\n" +if [ -n "$NOT_AVAILABLE_IMAGES" ]; then + echo "[ERROR] Only release images are allowed in helm charts." + echo "[ERROR] Images not found in release repo:" + echo -e "$NOT_AVAILABLE_IMAGES" + exit 1 +fi +exit 0
\ No newline at end of file diff --git a/kubernetes/onap/resources/environments/core-onap.yaml b/kubernetes/onap/resources/environments/core-onap.yaml index 43523aefcb..027bc7b850 100644 --- a/kubernetes/onap/resources/environments/core-onap.yaml +++ b/kubernetes/onap/resources/environments/core-onap.yaml @@ -1,4 +1,3 @@ -{{/* # Copyright 2020 Samsung Electronics Co., Ltd. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -12,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -*/}} # This override file is used to deploy a core configuration. It is based on diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml index 553afb3d95..dd22d8fc75 100644 --- a/kubernetes/onap/resources/environments/dev.yaml +++ b/kubernetes/onap/resources/environments/dev.yaml @@ -1,4 +1,3 @@ -{{/* # Copyright © 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -12,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -*/}} ################################################################# # Global configuration overrides. diff --git a/kubernetes/onap/resources/environments/disable-allcharts.yaml b/kubernetes/onap/resources/environments/disable-allcharts.yaml index 172dce41ef..27588fa4a8 100644 --- a/kubernetes/onap/resources/environments/disable-allcharts.yaml +++ b/kubernetes/onap/resources/environments/disable-allcharts.yaml @@ -1,4 +1,3 @@ -{{/* # Copyright © 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -12,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -*/}} # This override file is useful to test one or more subcharts. diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml index 904235496f..336e93788c 100644 --- a/kubernetes/onap/resources/environments/minimal-onap.yaml +++ b/kubernetes/onap/resources/environments/minimal-onap.yaml @@ -1,4 +1,3 @@ -{{/* # Copyright © 2017 Amdocs, Bell Canada, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -12,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -*/}} # This override file is used to deploy a minimal configuration to diff --git a/kubernetes/onap/resources/environments/public-cloud.yaml b/kubernetes/onap/resources/environments/public-cloud.yaml index 12950fbfb5..4a910987a9 100644 --- a/kubernetes/onap/resources/environments/public-cloud.yaml +++ b/kubernetes/onap/resources/environments/public-cloud.yaml @@ -1,4 +1,3 @@ -{{/* # Copyright © 2017 Amdocs, Bell Canada # Copyright (c) 2020 Nordix Foundation, Modifications # @@ -13,7 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -*/}} ################################################################# # Global configuration overrides. diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index 03b6db066a..a44176f964 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -39,8 +39,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-backend-all-plugins:1.7.1 -backendInitImage: onap/sdc-backend-init:1.7.1 +image: onap/sdc-backend-all-plugins:1.7.2 +backendInitImage: onap/sdc-backend-init:1.7.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index e80f64844e..589d530419 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -38,8 +38,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.7.1 -cassandraInitImage: onap/sdc-cassandra-init:1.7.1 +image: onap/sdc-cassandra:1.7.2 +cassandraInitImage: onap/sdc-cassandra-init:1.7.2 pullPolicy: Always diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 1389d05c02..8cf3d26e8e 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -51,7 +51,7 @@ certInitializer: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-frontend:1.7.1 +image: onap/sdc-frontend:1.7.2 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index 6ec08db43a..0d12f074e6 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -63,8 +63,8 @@ certInitializer: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-onboard-backend:1.7.1 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.7.1 +image: onap/sdc-onboard-backend:1.7.2 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.7.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml index 6d3988ab8b..82ba0844e8 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/values.yaml @@ -60,7 +60,7 @@ secrets: # Application configuration defaults. ################################################################# repository: nexus3.onap.org:10001 -image: onap/so/so-etsi-nfvo-ns-lcm:1.7.4 +image: onap/so/so-etsi-nfvo-ns-lcm:1.7.7 pullPolicy: Always aai: diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl index 98876e3cea..d148a1cd60 100644 --- a/kubernetes/so/components/soHelpers/templates/_certificates.tpl +++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl @@ -5,7 +5,7 @@ {{ include "common.certInitializer.initContainer" $subchartDot }} {{- if $dot.Values.global.aafEnabled }} - name: {{ include "common.name" $dot }}-msb-cert-importer - image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}" + image: "{{ include "common.repository" $subchartDot }}/{{ $dot.Values.global.aafAgentImage }}" imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} command: - "/bin/sh" diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml index 3e0e235717..2cdc1e9a32 100644 --- a/kubernetes/vnfsdk/values.yaml +++ b/kubernetes/vnfsdk/values.yaml @@ -43,7 +43,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/vnfsdk/refrepo:1.6.0 +image: onap/vnfsdk/refrepo:1.6.2 postgresRepository: crunchydata postgresImage: crunchy-postgres:centos7-10.3-1.8.2 pullPolicy: Always |