diff options
8 files changed, 148 insertions, 47 deletions
diff --git a/kubernetes/aai/components/aai-resources/resources/config/application.properties b/kubernetes/aai/components/aai-resources/resources/config/application.properties index 805f3cd505..817849fc48 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/application.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/application.properties @@ -101,10 +101,10 @@ schema.service.client=no-auth management.port=8448 management.endpoints.enabled-by-default=false management.security.enabled=false -endpoints.enabled=false -endpoints.info.enabled=false -endpoints.prometheus.enabled=false -endpoints.health.enabled=false +endpoints.enabled={{ .Values.endpoints.enabled }} +endpoints.info.enabled={{ .Values.endpoints.info.enabled }} +endpoints.prometheus.enabled={{ .Values.metrics.serviceMonitor.enabled }} +endpoints.health.enabled={{ .Values.endpoints.health.enabled }} management.metrics.web.server.auto-time-requests=false management.metrics.distribution.percentiles-histogram[http.server.requests]=true management.metrics.distribution.sla[http.server.requests]=20ms, 30ms, 40ms, 50ms, 60ms, 70ms, 80ms, 90ms, 100ms, 500ms, 1000ms, 5000ms, 7000ms diff --git a/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties b/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties index 836dc7b176..4835560665 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties @@ -90,7 +90,17 @@ log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} {{ end }} storage.lock.wait-time=300 -# Setting db-cache to false ensure the fastest propagation of changes across servers -cache.db-cache = false + +# https://docs.janusgraph.org/operations/cache/#database-level-caching +# Setting db-cache to false will ensure the fastest propagation of changes across servers +# Setting db-cache to true will ensure fastest response times +cache.db-cache={{ .Values.config.janusgraph.caching.enabled }} +{{ if .Values.config.janusgraph.caching.enabled }} +# cache-time in milliseconds +cache.db-cache-time={{ .Values.config.janusgraph.caching.dbCacheTime }} +cache.db-cache-size={{ .Values.config.janusgraph.caching.dbCacheSize }} +cache.db-cache-clean-wait={{ .Values.config.janusgraph.caching.dbCacheCleanWait }} +{{ end }} + #load graphson file on startup load.snapshot.file=false diff --git a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml index 5ddd293658..07919a97a2 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml +++ b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml @@ -27,14 +27,17 @@ <configuration>
<property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>
+ <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />
<property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
<property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
+ <property name="livenessAccessLogEnabled"
+ value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />
+
<if condition='property("logToFileEnabled").contains("true")'>
<then>
<appender name="ACCESS"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}.zip
@@ -43,17 +46,36 @@ <totalSizeCap>${totalSizeCap}</totalSizeCap>
</rollingPolicy>
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}
+ %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}
+ %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}
+ %i{X-AAI-SSL-Client-DN} %D</Pattern>
</encoder>
</appender>
- <appender-ref ref="ACCESS"/>
+ <appender-ref ref="ACCESS" />
</then>
</if>
<appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}
+ %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}
+ %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -
+ "logType": "access"</Pattern>
</encoder>
+ <if condition='property("livenessAccessLogEnabled").contains("false")'>
+ <then>
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.access.net.URLEvaluator">
+ <URL>/aai/util/echo</URL>
+ </evaluator>
+ <OnMismatch>NEUTRAL</OnMismatch>
+ <OnMatch>DENY</OnMatch>
+ </filter>
+ </then>
+ </if>
</appender>
<appender-ref ref="STDOUTACCESS" />
@@ -83,5 +105,4 @@ %z - Custom pattern that parses the cert for the subject
%y - Custom pattern determines rest or dme2
-->
-*/}}
-
+*/}}
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 3a4d568799..ba0897eeca 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -154,6 +154,18 @@ config: # to the user in keycloak multiTenancy: enabled: true + janusgraph: + caching: + # enable when running read-heavy workloads + # modifications to graph done by this service/janusgraph instance will immediately invalidate the cache + # modifications to graph done by other services (traversal) will only be visible + # after time specified in db-cache-time + enabled: false + # Documentation: https://docs.janusgraph.org/operations/cache/#database-level-caching + dbCacheTime: 180000 # in milliseconds + dbCacheSize: 0.1 # percentage (expressed as a decimal between 0 and 1) of the total heap space available to the JVM running + dbCacheCleanWait: 20 # in milliseconds + # Specifies crud related operation timeouts and overrides crud: @@ -259,6 +271,13 @@ tracing: ignorePatterns: - /aai/util.* +endpoints: + enabled: true + health: + enabled: true + info: + enabled: true + metrics: serviceMonitor: enabled: false @@ -330,6 +349,7 @@ logback: queueSize: 1000 accessLogback: + livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes logToFileEnabled: false maxHistory: 7 totalSizeCap: 1GB diff --git a/kubernetes/aai/components/aai-traversal/resources/config/application.properties b/kubernetes/aai/components/aai-traversal/resources/config/application.properties index caed64513a..67fefd2960 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/application.properties +++ b/kubernetes/aai/components/aai-traversal/resources/config/application.properties @@ -1,7 +1,7 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # Modifications Copyright © 2020 Orange -# Modifications Copyright © 2023 Nordix Foundation +# Modifications Copyright � 2023 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -95,10 +95,10 @@ schema.service.client=no-auth management.port=8448 management.endpoints.enabled-by-default=false management.security.enabled=false -endpoints.enabled=false -endpoints.info.enabled=false -endpoints.prometheus.enabled=false -endpoints.health.enabled=false +endpoints.enabled={{ .Values.endpoints.enabled }} +endpoints.info.enabled={{ .Values.endpoints.info.enabled }} +endpoints.prometheus.enabled={{ .Values.metrics.serviceMonitor.enabled }} +endpoints.health.enabled={{ .Values.endpoints.health.enabled }} management.metrics.web.server.auto-time-requests=false management.metrics.distribution.percentiles-histogram[http.server.requests]=true management.metrics.distribution.sla[http.server.requests]=20ms, 30ms, 40ms, 50ms, 60ms, 70ms, 80ms, 90ms, 100ms, 500ms, 1000ms, 5000ms, 7000ms diff --git a/kubernetes/aai/components/aai-traversal/resources/config/janusgraph-realtime.properties b/kubernetes/aai/components/aai-traversal/resources/config/janusgraph-realtime.properties index 836dc7b176..4835560665 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/janusgraph-realtime.properties +++ b/kubernetes/aai/components/aai-traversal/resources/config/janusgraph-realtime.properties @@ -90,7 +90,17 @@ log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} {{ end }} storage.lock.wait-time=300 -# Setting db-cache to false ensure the fastest propagation of changes across servers -cache.db-cache = false + +# https://docs.janusgraph.org/operations/cache/#database-level-caching +# Setting db-cache to false will ensure the fastest propagation of changes across servers +# Setting db-cache to true will ensure fastest response times +cache.db-cache={{ .Values.config.janusgraph.caching.enabled }} +{{ if .Values.config.janusgraph.caching.enabled }} +# cache-time in milliseconds +cache.db-cache-time={{ .Values.config.janusgraph.caching.dbCacheTime }} +cache.db-cache-size={{ .Values.config.janusgraph.caching.dbCacheSize }} +cache.db-cache-clean-wait={{ .Values.config.janusgraph.caching.dbCacheCleanWait }} +{{ end }} + #load graphson file on startup load.snapshot.file=false diff --git a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml index 1d32a521a1..5e3a15c66a 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml +++ b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml @@ -21,35 +21,56 @@ -->
*/}}
<configuration scan="true" scanPeriod="60 seconds" debug="false">
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
- <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
- <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
+ <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
+ <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />
+ <property name="livenessAccessLogEnabled"
+ value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
- </encoder>
- </appender>
- <appender-ref ref="ACCESS" />
- </then>
- </if>
-
- <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
+ <if condition='property("logToFileEnabled").contains("true")'>
+ <then>
+ <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}
+ %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}
+ %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}
+ %i{X-AAI-SSL-Client-DN} %D</Pattern>
</encoder>
- </appender>
- <appender-ref ref="STDOUTACCESS" />
+ </appender>
+ <appender-ref ref="ACCESS" />
+ </then>
+ </if>
+
+ <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}
+ %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}
+ %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -
+ "logType": "access"</Pattern>
+ </encoder>
+ <if condition='property("livenessAccessLogEnabled").contains("false")'>
+ <then>
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.access.net.URLEvaluator">
+ <URL>/aai/util/echo</URL>
+ </evaluator>
+ <OnMismatch>NEUTRAL</OnMismatch>
+ <OnMatch>DENY</OnMatch>
+ </filter>
+ </then>
+ </if>
+ </appender>
+ <appender-ref ref="STDOUTACCESS" />
</configuration>
{{/*<!--
%a - Remote IP address
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index 2b7e78f517..88f81e33f0 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -142,7 +142,6 @@ aai_enpoints: # application configuration config: - # configure keycloak according to your environment. # don't forget to add keycloak in active profiles above (global.config.profiles) keycloak: @@ -156,6 +155,18 @@ config: # the data-owner property with the given role to the user in keycloak multiTenancy: enabled: true + janusgraph: + caching: + # enable when running read-heavy workloads + # modifications to graph done by this service/janusgraph instance will immediately invalidate the cache + # modifications to graph done by other services (resources) will only be visible + # after time specified in db-cache-time + enabled: false + # Documentation: https://docs.janusgraph.org/operations/cache/#database-level-caching + dbCacheTime: 180000 # in milliseconds + dbCacheSize: 0.1 # percentage (expressed as a decimal between 0 and 1) of the total heap space available to the JVM running + dbCacheCleanWait: 20 # in milliseconds + # Specifies timeout information such as application specific and limits timeout: @@ -248,6 +259,7 @@ logback: queueSize: 1000 accessLogback: + livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes logToFileEnabled: false maxHistory: 7 totalSizeCap: 6GB @@ -271,6 +283,13 @@ resources: memory: 4Gi unlimited: {} +endpoints: + enabled: true + health: + enabled: true + info: + enabled: true + metrics: serviceMonitor: enabled: false |