diff options
13 files changed, 55 insertions, 11 deletions
diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index 84d3df3927..09e9607de7 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -1234,6 +1234,8 @@ spec: value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} + - name: POST_JAVA_OPTS + value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword=changeit' volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml index 19b87b1afa..b6ee064302 100644 --- a/kubernetes/common/cmpv2Config/values.yaml +++ b/kubernetes/common/cmpv2Config/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2020 Nokia +# Copyright © 2020-2021 Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,7 +14,7 @@ global: platform: certServiceClient: - image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 secretName: oom-cert-service-client-tls-secret envVariables: # Certificate related @@ -29,5 +29,5 @@ global: keystorePassword: "secret" truststorePassword: "secret" certPostProcessor: - image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.2 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3 diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index f5592bd252..e39b8c4ca2 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -133,6 +133,10 @@ spec: # we should wait for other pods to be up before trying to join # otherwise we got "no such host" errors when trying to resolve other members for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do + if [ "${SET_NAME}-${i}" == "${HOSTNAME}" ]; then + echo "Skipping self-checking" + continue + fi while true; do echo "Waiting for ${SET_NAME}-${i}.${SERVICE_NAME} to come up" ping -W 1 -c 1 ${SET_NAME}-${i}.${SERVICE_NAME} > /dev/null && break diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 7d6fabe9b5..559675689f 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -23,7 +23,7 @@ global: # common global images busyboxImage: busybox:1.32 curlImage: curlimages/curl:7.69.1 - certServiceClientImage: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2 + certServiceClientImage: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 envsubstImage: dibi/envsubst:1 # there's only latest image for htpasswd htpasswdImage: xmartlabs/htpasswd:latest diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml index 13ea930aa5..a9c0029f41 100644 --- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml @@ -92,7 +92,7 @@ postgres: mountInitPath: dcaemod # application image -image: onap/org.onap.dcaegen2.platform.mod.onboardingapi:2.12.3 +image: onap/org.onap.dcaegen2.platform.mod.onboardingapi:2.12.4 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index b9f8943e04..03b5c83a97 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -69,7 +69,7 @@ readiness: # Should have a proper readiness endpoint or script # application image -image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.0 +image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.1 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml index f653a02cff..40a4d7db93 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -87,7 +87,7 @@ spec: {{- end -}} {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 10 }} - {{- end -}} + {{- end }} # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: {{ include "repositoryGenerator.image.logging" . }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index a43073e8e2..5c94116bac 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -105,7 +105,7 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 10 }} - {{- end -}} + {{- end }} # Filebeat sidecar container - name: {{ include "common.name" . }}-filebeat-onap image: {{ include "repositoryGenerator.image.logging" . }} diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 048945025c..b401d66c3a 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -202,7 +202,7 @@ global: CMPv2CertManagerIntegration: false platform: certServiceClient: - image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 secret: name: oom-cert-service-client-tls-secret mountPath: /etc/onap/oom/certservice/certs/ diff --git a/kubernetes/platform/components/oom-cert-service/values.yaml b/kubernetes/platform/components/oom-cert-service/values.yaml index 8f31124e41..537b025fb0 100644 --- a/kubernetes/platform/components/oom-cert-service/values.yaml +++ b/kubernetes/platform/components/oom-cert-service/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2020, Nokia +# Copyright © 2020-2021, Nokia # Modifications Copyright © 2020, Nordix Foundation, Orange # Modifications Copyright © 2020 Nokia # @@ -38,7 +38,7 @@ certificateGenerationImage: onap/integration-java11:7.2.0 # Deployment configuration repository: "nexus3.onap.org:10001" -image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.2 +image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.3 pullPolicy: Always replicaCount: 1 diff --git a/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties b/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties index a21ac0441c..57a16bd488 100644 --- a/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties +++ b/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties @@ -12,6 +12,13 @@ sdnrPasswd=${ODL_ADMIN_PASSWORD} faultConsumerClass=org.onap.ccsdk.features.sdnr.wt.mountpointregistrar.impl.DMaaPFaultVESMsgConsumer TransportType=HTTPNOAUTH host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort | default "3904"}} +{{- if .Values.config.sdnr.dmaapProxy.enabled }} +{{- if .Values.config.sdnr.dmaapProxy.usepwd }} +jersey.config.client.proxy.username=${DMAAP_HTTP_PROXY_USERNAME} +jersey.config.client.proxy.password=${DMAAP_HTTP_PROXY_PASSWORD} +{{- end }} +jersey.config.client.proxy.uri={{ .Values.config.sdnr.dmaapProxy.url }} +{{- end }} topic=unauthenticated.SEC_FAULT_OUTPUT contenttype=application/json group=myG @@ -23,6 +30,13 @@ limit=10000 pnfRegConsumerClass=org.onap.ccsdk.features.sdnr.wt.mountpointregistrar.impl.DMaaPPNFRegVESMsgConsumer TransportType=HTTPNOAUTH host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort | default "3904"}} +{{- if .Values.config.sdnr.dmaapProxy.enabled }} +{{- if .Values.config.sdnr.dmaapProxy.usepwd }} +jersey.config.client.proxy.username=${DMAAP_HTTP_PROXY_USERNAME} +jersey.config.client.proxy.password=${DMAAP_HTTP_PROXY_PASSWORD} +{{- end }} +jersey.config.client.proxy.uri={{ .Values.config.sdnr.dmaapProxy.url }} +{{- end }} topic=unauthenticated.VES_PNFREG_OUTPUT contenttype=application/json group=myG diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index b668fd8e4d..2158fefe19 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -67,6 +67,13 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }} - name: ODL_ADMIN_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }} + {{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }} + - name: DMAAP_HTTP_PROXY_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }} + - name: DMAAP_HTTP_PROXY_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }} + {{- end }} + volumeMounts: - mountPath: /config-input diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 4354fe4a23..c02d5592e6 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -73,6 +73,14 @@ secrets: password: '{{ .Values.config.odlPassword }}' # For now this is left hardcoded but should be revisited in a future passwordPolicy: required + - uid: dmaap-proxy-creds + name: &dmaapProxyCredsSecretName '{{ include "common.release" . }}-sdnc-dmaap-proxy-creds' + type: basicAuth + externalSecret: '{{ .Values.config.dmaapProxyCredsExternalSecret }}' + login: '{{ .Values.config.sdnr.dmaapProxy.user }}' + password: '{{ .Values.config.sdnr.dmaapProxy.password }}' + # For now this is left hardcoded but should be revisited in a future + passwordPolicy: required - uid: netbox-apikey type: password externalSecret: '{{ .Values.config.netboxApikeyExternalSecret }}' @@ -227,6 +235,15 @@ config: sdnrdbTrustAllCerts: true mountpointRegistrarEnabled: false mountpointStateProviderEnabled: false + # enable and set dmaap-proxy for mountpointRegistrar + dmaapProxy: + enabled: false + usepwd: true + user: addUserHere + password: addPasswordHere + url: addProxyUrlHere + + |