aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/index.rst3
-rw-r--r--docs/oom_setup_paas.rst103
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/config/has.json7
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/job.yaml6
-rw-r--r--kubernetes/aaf/components/aaf-sms/values.yaml9
-rw-r--r--kubernetes/aai/components/aai-babel/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-modelloader/values.yaml2
-rw-r--r--kubernetes/aai/components/aai-sparky-be/values.yaml2
-rw-r--r--kubernetes/contrib/components/awx/templates/configmap.yaml92
-rw-r--r--kubernetes/contrib/components/awx/templates/statefulset.yaml14
-rwxr-xr-xkubernetes/contrib/components/awx/values.yaml2
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml10
-rw-r--r--kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml4
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml6
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/optimizer.properties4
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml4
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml14
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cmso.properties8
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml4
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml17
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/values.yaml2
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/values.yaml2
-rw-r--r--kubernetes/oof/components/oof-cmso/values.yaml12
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/values.yaml2
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml2
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/values.yaml2
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml2
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml2
-rwxr-xr-xkubernetes/oof/components/oof-has/values.yaml2
-rw-r--r--kubernetes/oof/values.yaml2
-rw-r--r--kubernetes/robot/resources/config/eteshare/config/robot_properties.py7
-rw-r--r--kubernetes/robot/values.yaml2
-rw-r--r--kubernetes/sdc/components/sdc-be/values.yaml4
-rw-r--r--kubernetes/sdc/components/sdc-cs/values.yaml5
-rw-r--r--kubernetes/sdc/components/sdc-fe/values.yaml3
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/values.yaml4
-rwxr-xr-xkubernetes/sdnc/resources/config/bin/installSdncDb.sh4
-rw-r--r--kubernetes/vid/values.yaml2
40 files changed, 331 insertions, 47 deletions
diff --git a/docs/index.rst b/docs/index.rst
index 68b38de9aa..639e069e6d 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -1,7 +1,7 @@
.. This work is licensed under a Creative Commons Attribution 4.0
.. International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2018-2020 Amdocs, Bell Canada, Orange, Samsung
+.. Copyright 2018-2021 Amdocs, Bell Canada, Orange, Samsung, Nokia
.. _master_index:
@@ -15,6 +15,7 @@ OOM Documentation Repository
oom_quickstart_guide_helm3.rst
oom_user_guide.rst
oom_user_guide_helm3.rst
+ oom_setup_paas.rst
oom_developer_guide.rst
oom_cloud_setup_guide.rst
release-notes.rst
diff --git a/docs/oom_setup_paas.rst b/docs/oom_setup_paas.rst
new file mode 100644
index 0000000000..9d90558250
--- /dev/null
+++ b/docs/oom_setup_paas.rst
@@ -0,0 +1,103 @@
+.. This work is licensed under a Creative Commons Attribution 4.0
+.. International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2021 Nokia
+
+.. Links
+.. _Cert-Manager Installation documentation: https://cert-manager.io/docs/installation/kubernetes/
+.. _Cert-Manager kubectl plugin documentation: https://cert-manager.io/docs/usage/kubectl-plugin/
+
+.. _oom_setup_paas:
+
+ONAP PaaS set-up (optional)
+###########################
+
+Starting from Honolulu release, Cert-Manager and Prometheus Stack are a part
+of k8s PaaS for ONAP operations and can be optionally installed to provide
+additional functionality for ONAP engineers.
+
+The versions of PaaS compoents that are supported by OOM are as follows:
+
+.. table:: ONAP PaaS components
+
+ ============== ============= =================
+ Release Cert-Manager Prometheus Stack
+ ============== ============= =================
+ honolulu 1.2.0 13.x
+ ============== ============= =================
+
+This guide provides instructions on how to install the following PaaS
+components for ONAP:
+
+- Cert-Manager
+- Prometheus Stack
+
+Cert-Manager
+============
+
+Cert-Manager is a native Kubernetes certificate management controller.
+It can help with issuing certificates from a variety of sources, such as
+Let’s Encrypt, HashiCorp Vault, Venafi, a simple signing key pair, self
+signed or external issuers. It ensures certificates are valid and up to
+date, and attempt to renew certificates at a configured time before expiry.
+
+Installation steps
+------------------
+
+The recommended version of Cert-Manager for Kubernetes 1.19 is v1.2.0.
+Cert-Manager is deployed using regular YAML manifests which include all
+the needed resources (the CustomResourceDefinitions, cert-manager,
+namespace, and the webhook component).
+
+Full installation instructions, including details on how to configure extra
+functionality in Cert-Manager can be found in the
+`Cert-Manager Installation documentation`_.
+
+There is also a kubectl plugin (kubectl cert-manager) that can help you
+to manage cert-manager resources inside your cluster. For installation
+steps, please refer to `Cert-Manager kubectl plugin documentation`_.
+
+Installation can be as simple as::
+
+ > kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.2.0/cert-manager.yaml
+
+Prometheus Stack
+================
+
+Prometheus is an open-source systems monitoring and alerting toolkit with
+an active ecosystem.
+
+Kube Prometheus Stack is a collection of Kubernetes manifests, Grafana
+dashboards, and Prometheus rules combined with documentation and scripts to
+provide easy to operate end-to-end Kubernetes cluster monitoring with
+Prometheus using the Prometheus Operator. As it includes both Prometheus
+Operator and Grafana dashboards, there is no need to set up them separately.
+
+Installation steps
+------------------
+
+The recommended version of kube-prometheus-stack chart for
+Kubernetes 1.19 is 13.x (which is currently the latest major chart version),
+for example 13.3.1.
+
+In order to install Prometheus Stack, you must follow these steps:
+
+- Create the namespace for Prometheus Stack::
+
+ > kubectl create namespace prometheus
+
+- Add the prometheus-community Helm repository::
+
+ > helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+
+- Update your local Helm chart repository cache::
+
+ > helm repo update
+
+- To install the kube-prometheus-stack Helm chart in latest version::
+
+ > helm install prometheus prometheus-community/kube-prometheus-stack --namespace=prometheus
+
+ To install the kube-prometheus-stack Helm chart in specific version, for example 13.3.1::
+
+ > helm install prometheus prometheus-community/kube-prometheus-stack --namespace=prometheus --version=13.3.1
diff --git a/kubernetes/aaf/components/aaf-sms/resources/config/has.json b/kubernetes/aaf/components/aaf-sms/resources/config/has.json
index 679b5189de..ef42ce98d3 100644
--- a/kubernetes/aaf/components/aaf-sms/resources/config/has.json
+++ b/kubernetes/aaf/components/aaf-sms/resources/config/has.json
@@ -38,6 +38,13 @@
"password": "${AAF_PASS}",
"aaf_conductor_user": "oof@oof.onap.org"
}
+ },
+ {
+ "name": "sdc",
+ "values": {
+ "username": "${SDC_USER}",
+ "password": "${SDC_PASS}"
+ }
}
]
}
diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
index 1341889af3..6e50620a99 100644
--- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
@@ -51,6 +51,7 @@ spec:
export OSDF_PCI_OPT_PASS=${OSDF_PCI_OPT_PASS_PLAIN};
export OSDF_OPT_ENGINE_PASS=${OSDF_OPT_ENGINE_PASS_PLAIN};
export SO_PASS=${SO_PASS_PLAIN};
+ export SDC_PASS=${SDC_PASS_PLAIN};
cd /config-input;
for PFILE in `find . -not -type d | grep -v -F ..`; do
envsubst <${PFILE} >/config/${PFILE};
@@ -131,6 +132,11 @@ spec:
- name: SO_PASS_PLAIN
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-creds" "key" "password") | indent 10 }}
+ - name: SDC_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "login") | indent 10 }}
+ - name: SDC_PASS_PLAIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "password") | indent 10 }}
+
volumeMounts:
- mountPath: /config-input
name: {{ include "common.name" . }}-preload-input
diff --git a/kubernetes/aaf/components/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml
index 3b777c64f6..ab7d8fb71b 100644
--- a/kubernetes/aaf/components/aaf-sms/values.yaml
+++ b/kubernetes/aaf/components/aaf-sms/values.yaml
@@ -192,7 +192,11 @@ secrets:
login: '{{ .Values.oofCreds.soUsername }}'
password: '{{ .Values.oofCreds.soPassword }}'
passwordPolicy: required
-
+ - uid: sdc-creds
+ type: basicAuth
+ login: '{{ .Values.oofCreds.sdcUsername }}'
+ password: '{{ .Values.oofCreds.sdcPassword }}'
+ passwordPolicy: required
oofCreds:
aaiUsername: oof@oof.onap.org
aaiPassword: demo123456!
@@ -239,6 +243,9 @@ oofCreds:
soUsername: apihBpmn
soPassword: password1$
+ sdcUsername: aai
+ sdcPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+
# Configure resource requests and limits
resources:
small:
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml
index db1a2eb86b..7560efde26 100644
--- a/kubernetes/aai/components/aai-babel/values.yaml
+++ b/kubernetes/aai/components/aai-babel/values.yaml
@@ -24,7 +24,7 @@ global: {}
#################################################################
# application image
-image: onap/babel:1.7.1
+image: onap/babel:1.8.0
flavor: small
flavorOverride: small
diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml
index 0d8acf83a5..b235ba171c 100644
--- a/kubernetes/aai/components/aai-modelloader/values.yaml
+++ b/kubernetes/aai/components/aai-modelloader/values.yaml
@@ -21,7 +21,7 @@ global: # global defaults
# application image
-image: onap/model-loader:1.7.0
+image: onap/model-loader:1.8.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml
index ed21030dc8..f8de79d31a 100644
--- a/kubernetes/aai/components/aai-sparky-be/values.yaml
+++ b/kubernetes/aai/components/aai-sparky-be/values.yaml
@@ -28,7 +28,7 @@ global: # global defaults
serviceName: aai-search-data
# application image
-image: onap/sparky-be:2.0.2
+image: onap/sparky-be:2.0.3
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/contrib/components/awx/templates/configmap.yaml b/kubernetes/contrib/components/awx/templates/configmap.yaml
index 9bc62b0856..59900f1c64 100644
--- a/kubernetes/contrib/components/awx/templates/configmap.yaml
+++ b/kubernetes/contrib/components/awx/templates/configmap.yaml
@@ -144,3 +144,95 @@ data:
{"vhost":"{{ .Values.config.rabbitmqVhost }}","name":"ha-all","pattern":".*","definition":{"ha-mode":"all","ha-sync-mode":"automatic"}}
]
}
+---
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-nginx-conf
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app.kubernetes.io/name: {{ include "common.name" . }}
+ helm.sh/chart: {{ include "common.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+data:
+ nginx.conf: |
+ worker_processes 1;
+ pid /tmp/nginx.pid;
+ events {
+ worker_connections 1024;
+ }
+ http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+ server_tokens off;
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+ access_log /dev/stdout main;
+ map $http_upgrade $connection_upgrade {
+ default upgrade;
+ '' close;
+ }
+ sendfile on;
+ #tcp_nopush on;
+ #gzip on;
+ upstream uwsgi {
+ server 127.0.0.1:8050;
+ }
+ upstream daphne {
+ server 127.0.0.1:8051;
+ }
+ server {
+ listen 8052 default_server;
+ # If you have a domain name, this is where to add it
+ server_name _;
+ keepalive_timeout 65;
+ # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
+ add_header Strict-Transport-Security max-age=15768000;
+ add_header Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/";
+ add_header X-Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/";
+ # Protect against click-jacking https://www.owasp.org/index.php/Testing_for_Clickjacking_(OTG-CLIENT-009)
+ add_header X-Frame-Options "DENY";
+ location /nginx_status {
+ stub_status on;
+ access_log off;
+ allow 127.0.0.1;
+ deny all;
+ }
+ location /static/ {
+ alias /var/lib/awx/public/static/;
+ }
+ location /favicon.ico { alias /var/lib/awx/public/static/favicon.ico; }
+ location /websocket {
+ # Pass request to the upstream alias
+ proxy_pass http://daphne;
+ # Require http version 1.1 to allow for upgrade requests
+ proxy_http_version 1.1;
+ # We want proxy_buffering off for proxying to websockets.
+ proxy_buffering off;
+ # http://en.wikipedia.org/wiki/X-Forwarded-For
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ # enable this if you use HTTPS:
+ proxy_set_header X-Forwarded-Proto https;
+ # pass the Host: header from the client for the sake of redirects
+ proxy_set_header Host $http_host;
+ # We've set the Host header, so we don't need Nginx to muddle
+ # about with redirects
+ proxy_redirect off;
+ # Depending on the request value, set the Upgrade and
+ # connection headers
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+ }
+ location / {
+ # Add trailing / if missing
+ rewrite ^(.*)$http_host(.*[^/])$ $1$http_host$2/ permanent;
+ uwsgi_read_timeout 120s;
+ uwsgi_pass uwsgi;
+ include /etc/nginx/uwsgi_params;
+ proxy_set_header X-Forwarded-Port 443;
+ }
+ }
+ }
diff --git a/kubernetes/contrib/components/awx/templates/statefulset.yaml b/kubernetes/contrib/components/awx/templates/statefulset.yaml
index 46747cd85f..1f2c093742 100644
--- a/kubernetes/contrib/components/awx/templates/statefulset.yaml
+++ b/kubernetes/contrib/components/awx/templates/statefulset.yaml
@@ -82,6 +82,10 @@ spec:
name: awx-secret-key
readOnly: true
subPath: SECRET_KEY
+ - mountPath: /etc/nginx/nginx.conf
+ name: awx-nginx-conf
+ subPath: "nginx.conf"
+
- command: ["/bin/sh","-c"]
args: ["/usr/bin/launch_awx_task.sh"]
env:
@@ -109,6 +113,9 @@ spec:
name: awx-secret-key
readOnly: true
subPath: SECRET_KEY
+ - mountPath: /etc/nginx/nginx.conf
+ name: awx-nginx-conf
+ subPath: "nginx.conf"
- env:
- name: MY_POD_IP
valueFrom:
@@ -209,5 +216,12 @@ spec:
path: rabbitmq_definitions.json
name: {{ include "common.fullname" . }}-rabbitmq
name: rabbitmq-config
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: nginx.conf
+ path: nginx.conf
+ name: {{ include "common.fullname" . }}-nginx-conf
+ name: awx-nginx-conf
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml
index a29866da9a..02642fd3fd 100755
--- a/kubernetes/contrib/components/awx/values.yaml
+++ b/kubernetes/contrib/components/awx/values.yaml
@@ -95,7 +95,7 @@ service:
type: NodePort
portName: web
internalPort: 8052
- externalPort: 80
+ externalPort: 8052
nodePort: 78
rabbitmq:
type: ClusterIP
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index 458ec101dc..1ac3671833 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -104,7 +104,7 @@ mongo:
disableNfsProvisioner: true
# application image
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.0.2
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.0.3
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
@@ -113,11 +113,11 @@ componentImages:
holmes_rules: onap/holmes/rule-management:1.2.9
holmes_engine: onap/holmes/engine-management:1.2.9
tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1
- ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.9
- snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
- prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.5
+ ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.8.0
+ snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:2.0.4
+ prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.6
hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.6.0
- datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.5.0
+ datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.5.4
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml
index 8f6432d031..50c59c8ae8 100644
--- a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml
@@ -44,7 +44,7 @@ config:
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.0
+image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.1
pullPolicy: Always
# probe configuration parameters
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
index 356149c0dd..3366b00f20 100644
--- a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
@@ -41,7 +41,7 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.0.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.1.0
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml
index 735b0281be..42f596db1e 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml
@@ -67,6 +67,10 @@ spec:
value: {{ .Values.config.importDMaaP }}
- name: ONAP_USEDMAAPPLUGIN
value: {{ .Values.config.useDmaapPlugin | quote }}
+ - name: BP_RESOURCES_CPU_LIMIT
+ value: {{ .Values.config.bpResourcesCpuLimit }}
+ - name: BP_RESOURCES_MEMORY_LIMIT
+ value: {{ .Values.config.bpResourcesMemoryLimit }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
index 2482748e4c..521fac06a2 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
@@ -33,11 +33,13 @@ config:
#dashboardPassword: doesntmatter
mrTopicURL: http://message-router:3904/events
importCloudify: https://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml
- importK8S: plugin:k8splugin?version=>=3.4.3,<4.0.0
+ importK8S: plugin:k8splugin?version=>=3.5.1,<4.0.0
importPostgres: plugin:pgaas?version=1.3.0
importClamp: plugin:clamppolicyplugin?version=1.1.0
importDMaaP: plugin:dmaap?version=1.5.0
useDmaapPlugin: false
+ bpResourcesCpuLimit: 250m
+ bpResourcesMemoryLimit: 128Mi
secrets:
- uid: "dashsecret"
@@ -69,7 +71,7 @@ readiness:
# Should have a proper readiness endpoint or script
# application image
-image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.2
+image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.3
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/optimizer.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/optimizer.properties
index 4bf8f74666..04a5714a8e 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/optimizer.properties
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/resources/config/optimizer.properties
@@ -52,8 +52,8 @@ cmso.minizinc.command.solver=OSICBC
cmso.minizinc.command.timelimit=60000
cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn
-mechid.user=oof@oof.onap.org
-mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw==
+mechid.user=${AAF_USER}
+mechid.pass=${AAF_PASSWORD}
aaf.urls=https://aaf-locate:8095
aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml
index c1d2602713..1f96183dd5 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml
@@ -116,6 +116,10 @@ spec:
value: {{ .Values.global.truststorePassword }}
- name: AUTHENTICATION
value: {{ .Values.global.authentication }}
+ - name: AAF_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "login") | indent 10}}
+ - name: AAF_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "password") | indent 10}}
command:
- /bin/sh
args:
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml
index aa6ae1941c..d50995a615 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml
@@ -24,12 +24,12 @@ subChartsOnly:
enabled: true
# application image
-image: onap/optf-cmso-optimizer:2.3.1
+image: onap/optf-cmso-optimizer:2.3.2
pullPolicy: Always
#init container image
dbinit:
- image: onap/optf-cmso-dbinit:2.3.1
+ image: onap/optf-cmso-dbinit:2.3.2
# flag to enable debugging - application support required
debugEnabled: false
@@ -45,6 +45,12 @@ secrets:
login: '{{ .Values.config.db.user }}'
password: '{{ .Values.config.db.password }}'
passwordPolicy: required
+ - uid: cmso-aaf-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.aaf.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.aaf.user }}'
+ password: '{{ .Values.config.aaf.password }}'
+ passwordPolicy: required
#################################################################
# Application configuration defaults.
@@ -81,6 +87,10 @@ service:
config:
+ aaf:
+ user: user
+ password: pass
+# userCredentialsExternalSecret: some-secret
db:
port: 3306
# rootPassword: pass
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cmso.properties b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cmso.properties
index 6525a4ee9c..363aecbc03 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cmso.properties
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/resources/config/cmso.properties
@@ -94,11 +94,11 @@ so.polling.interval.ms=10000
## loopback settings
so.url=http://127.0.0.1:5000/onap/so/infra/orchestrationRequests/v7
-so.user=oof@oof.onap.org
-so.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw==
+so.user=${AAF_USER}
+so.pass=${AAF_USER}
-mechid.user=oof@oof.onap.org
-mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw==
+mechid.user=${AAF_USER}
+mechid.pass=${AAF_PASSWORD}
cmso.dispatch.url=http://localhost:8089
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml
index 27d52a24ba..d9f2bd0734 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml
@@ -140,6 +140,10 @@ spec:
value: {{ .Values.global.truststorePassword }}
- name: AUTHENTICATION
value: {{ .Values.global.authentication }}
+ - name: AAF_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "login") | indent 10}}
+ - name: AAF_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "password") | indent 10}}
command:
- /bin/sh
args:
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml
index f0e62e458d..06dd478b0e 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml
@@ -23,13 +23,13 @@ subChartsOnly:
enabled: true
# application image
-image: onap/optf-cmso-service:2.3.1
-robotimage: onap/optf-cmso-robot:2.3.1
+image: onap/optf-cmso-service:2.3.2
+robotimage: onap/optf-cmso-robot:2.3.2
pullPolicy: Always
#init container image
dbinit:
- image: onap/optf-cmso-dbinit:2.3.1
+ image: onap/optf-cmso-dbinit:2.3.2
# flag to enable debugging - application support required
debugEnabled: false
@@ -44,6 +44,12 @@ secrets:
login: '{{ .Values.config.db.user }}'
password: '{{ .Values.config.db.password }}'
passwordPolicy: required
+ - uid: cmso-aaf-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.aaf.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.aaf.user }}'
+ password: '{{ .Values.config.aaf.password }}'
+ passwordPolicy: required
#################################################################
# Application configuration defaults.
@@ -80,6 +86,10 @@ service:
config:
+ aaf:
+ user: user
+ password: pass
+# userCredentialsExternalSecret: some-secret
db:
port: 3306
# rootPassword: pass
@@ -93,6 +103,7 @@ config:
optimizer_host: oof-cmso-optimizer
optimizer_port: 7997
+
ingress:
enabled: false
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/values.yaml
index d88e1b22c2..4f6976ed28 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/values.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-ticketmgt/values.yaml
@@ -23,7 +23,7 @@ subChartsOnly:
enabled: true
# application image
-image: onap/optf-cmso-ticketmgt:2.3.1
+image: onap/optf-cmso-ticketmgt:2.3.2
pullPolicy: Always
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/values.yaml
index 56d9c7c12a..b3adb5c69c 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/values.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-topology/values.yaml
@@ -22,7 +22,7 @@ subChartsOnly:
enabled: true
# application image
-image: onap/optf-cmso-topology:2.3.1
+image: onap/optf-cmso-topology:2.3.2
pullPolicy: Always
diff --git a/kubernetes/oof/components/oof-cmso/values.yaml b/kubernetes/oof/components/oof-cmso/values.yaml
index c574a86136..c46fd0a33a 100644
--- a/kubernetes/oof/components/oof-cmso/values.yaml
+++ b/kubernetes/oof/components/oof-cmso/values.yaml
@@ -36,6 +36,11 @@ secrets:
login: '{{ .Values.config.db.optimizer.userName }}'
password: '{{ .Values.config.db.optimizer.userPassword }}'
passwordPolicy: generate
+ - uid: cmso-aaf-creds
+ name: &aafCreds '{{ include "common.release" . }}-cmso-aaf-creds'
+ type: basicAuth
+ login: '{{ .Values.config.aaf.user }}'
+ password: '{{ .Values.config.aaf.password }}'
mariadb-galera:
replicaCount: 1
@@ -75,6 +80,9 @@ mariadb-init:
flavor: small
config:
+ aaf:
+ user: oof@oof.onap.org
+ password: demo123456!
log:
logstashServiceName: log-ls
logstashPort: 5044
@@ -115,6 +123,8 @@ oof-cmso-service:
host: *dbName
container: *dbName
mysqlDatabase: cmso
+ aaf:
+ userCredentialsExternalSecret: *aafCreds
oof-cmso-optimizer:
enabled: true
@@ -128,6 +138,8 @@ oof-cmso-optimizer:
host: *dbName
container: *dbName
mysqlDatabase: optimizer
+ aaf:
+ userCredentialsExternalSecret: *aafCreds
oof-cmso-topology:
enabled: true
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
index 0f2e01f5c7..d6743cdfda 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
@@ -16,7 +16,7 @@
global: # global defaults
nodePortPrefix: 302
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# secrets metaconfig
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
index df50561d51..3cbf96adc1 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
@@ -14,7 +14,7 @@
global:
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# Secrets metaconfig
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
index b069be6d9c..0940a9db39 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
@@ -14,7 +14,7 @@
global:
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# secrets metaconfig
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
index b069be6d9c..0940a9db39 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
@@ -14,7 +14,7 @@
global:
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# secrets metaconfig
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
index b069be6d9c..0940a9db39 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
@@ -14,7 +14,7 @@
global:
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# secrets metaconfig
diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml
index 2891f806c3..3615a3bd33 100755
--- a/kubernetes/oof/components/oof-has/values.yaml
+++ b/kubernetes/oof/components/oof-has/values.yaml
@@ -19,7 +19,7 @@
global:
commonConfigPrefix: onap-oof-has
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
persistence:
enabled: true
diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml
index 87e6536c35..7362ec70a6 100644
--- a/kubernetes/oof/values.yaml
+++ b/kubernetes/oof/values.yaml
@@ -35,7 +35,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/optf-osdf:3.0.3
+image: onap/optf-osdf:3.0.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
index 807f070aa0..674a416dc2 100644
--- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
@@ -25,6 +25,7 @@ GLOBAL_INJECTED_CLI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" .
GLOBAL_INJECTED_CLOUD_ENV = 'openstack'
GLOBAL_INJECTED_DCAE_COLLECTOR_IP = "{{ .Values.dcaeCollectorIp }}"
GLOBAL_INJECTED_DCAE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-healthcheck") }}'
+GLOBAL_INJECTED_DCAE_MS_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-ms-healthcheck") }}'
GLOBAL_INJECTED_DCAE_VES_HOST = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-ves-collector") }}'
GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dmaap-dr-prov") }}'
GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dmaap-dr-node") }}'
@@ -165,6 +166,12 @@ GLOBAL_DCAE_HEALTH_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" .
GLOBAL_DCAE_USERNAME = '{{ .Values.dcaeUsername }}'
GLOBAL_DCAE_PASSWORD = '{{ .Values.dcaePassword}}'
GLOBAL_DCAE_AUTHENTICATION = [GLOBAL_DCAE_USERNAME, GLOBAL_DCAE_PASSWORD]
+# dcae microservice info - everything is from the private oam network (also called onap private network)
+GLOBAL_DCAE_MS_SERVER_PROTOCOL = "http"
+GLOBAL_DCAE_MS_HEALTH_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-healthcheck" "port" 8080) }}'
+GLOBAL_DCAE_MS_USERNAME = '{{ .Values.dcaeMsUsername }}'
+GLOBAL_DCAE_MS_PASSWORD = '{{ .Values.dcaeMsPassword}}'
+GLOBAL_DCAE_AUTHENTICATION = [GLOBAL_DCAE_USERNAME, GLOBAL_DCAE_PASSWORD]
# dcae hv-ves info
GLOBAL_DCAE_HVVES_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-hv-ves-collector") }}'
GLOBAL_DCAE_HVVES_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-hv-ves-collector" "port" 6061) }}'
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index f8120973e2..6f54c6b340 100644
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -325,6 +325,8 @@ appcPassword: "demo123456!"
# DCAE
dcaeUsername: "dcae@dcae.onap.org"
dcaePassword: "demo123456!"
+dcaeMsUsername: "dcae@dcae.onap.org"
+dcaeMsPassword: "demo123456!"
# DROOLS
droolsUsername: "demo@people.osaaf.org"
droolsPassword: "demo123456!"
diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
index e9f83b6978..77577d6ee3 100644
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -35,8 +35,8 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-backend-all-plugins:1.7.3
-backendInitImage: onap/sdc-backend-init:1.7.3
+image: onap/sdc-backend-all-plugins:1.8.4
+backendInitImage: onap/sdc-backend-init:1.8.4
pullPolicy: Always
diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml
index efe6dcddea..33e32ddfbe 100644
--- a/kubernetes/sdc/components/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -38,9 +38,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.7.3
-cassandraInitImage: onap/sdc-cassandra-init:1.7.3
-
+image: onap/sdc-cassandra:1.8.4
+cassandraInitImage: onap/sdc-cassandra-init:1.8.4
pullPolicy: Always
config:
diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml
index 0db5a390c8..079d7ad462 100644
--- a/kubernetes/sdc/components/sdc-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-fe/values.yaml
@@ -47,8 +47,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-frontend:1.7.3
-
+image: onap/sdc-frontend:1.8.4
pullPolicy: Always
config:
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
index 553ec72260..e34d5c5cfb 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
@@ -59,8 +59,8 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-onboard-backend:1.7.3
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.7.3
+image: onap/sdc-onboard-backend:1.8.4
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.8.4
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
index 11ed7f45bf..42abf54444 100755
--- a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
+++ b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
@@ -37,8 +37,8 @@ SDNC_DB_DATABASE=${SDNC_DB_DATABASE}
# Create tablespace and user account
mysql -h ${MYSQL_HOST} -u root -p${MYSQL_PASSWORD} mysql <<-END
CREATE DATABASE IF NOT EXISTS ${SDNC_DB_DATABASE};
-CREATE USER '${SDNC_DB_USER}'@'localhost' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
-CREATE USER '${SDNC_DB_USER}'@'%' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
+CREATE USER IF NOT EXISTS '${SDNC_DB_USER}'@'localhost' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
+CREATE USER IF NOT EXISTS '${SDNC_DB_USER}'@'%' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
GRANT ALL PRIVILEGES ON ${SDNC_DB_DATABASE}.* TO '${SDNC_DB_USER}'@'localhost' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON ${SDNC_DB_DATABASE}.* TO '${SDNC_DB_USER}'@'%' WITH GRANT OPTION;
flush privileges;
diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml
index 5e4a0ecc78..6b323a4a17 100644
--- a/kubernetes/vid/values.yaml
+++ b/kubernetes/vid/values.yaml
@@ -88,7 +88,7 @@ subChartsOnly:
enabled: true
# application image
-image: onap/vid:7.0.0
+image: onap/vid:8.0.2
pullPolicy: Always
# application configuration