summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kubernetes/aaf/.helmignore2
-rw-r--r--kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml33
-rw-r--r--kubernetes/aaf/charts/aaf-cm/values.yaml12
-rw-r--r--kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql279
-rw-r--r--kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql25
-rw-r--r--kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql136
-rw-r--r--kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql22
-rw-r--r--kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml57
-rw-r--r--kubernetes/aaf/charts/aaf-cs/templates/pv.yaml44
-rw-r--r--kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml48
-rw-r--r--kubernetes/aaf/charts/aaf-cs/values.yaml21
-rw-r--r--kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml33
-rw-r--r--kubernetes/aaf/charts/aaf-fs/values.yaml11
-rw-r--r--kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml35
-rw-r--r--kubernetes/aaf/charts/aaf-gui/values.yaml11
-rw-r--r--kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml33
-rw-r--r--kubernetes/aaf/charts/aaf-hello/values.yaml13
-rw-r--r--kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml33
-rw-r--r--kubernetes/aaf/charts/aaf-locate/values.yaml15
-rw-r--r--kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml35
-rw-r--r--kubernetes/aaf/charts/aaf-oauth/templates/service.yaml2
-rw-r--r--kubernetes/aaf/charts/aaf-oauth/values.yaml11
-rw-r--r--kubernetes/aaf/charts/aaf-service/.helmignore21
-rw-r--r--kubernetes/aaf/charts/aaf-service/templates/deployment.yaml33
-rw-r--r--kubernetes/aaf/charts/aaf-service/values.yaml11
-rw-r--r--kubernetes/aaf/resources/config/backup/backup.sh46
-rw-r--r--kubernetes/aaf/resources/config/data/identities.dat41
-rw-r--r--kubernetes/aaf/resources/config/data/sample.identities.dat40
-rw-r--r--kubernetes/aaf/resources/config/etc/org.osaaf.cm.props28
-rw-r--r--kubernetes/aaf/resources/config/etc/org.osaaf.common.props43
-rw-r--r--kubernetes/aaf/resources/config/etc/org.osaaf.fs.props25
-rw-r--r--kubernetes/aaf/resources/config/etc/org.osaaf.gui.props46
-rw-r--r--kubernetes/aaf/resources/config/etc/org.osaaf.locate.props23
-rw-r--r--kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props51
-rw-r--r--kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props22
-rw-r--r--kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props25
-rw-r--r--kubernetes/aaf/resources/config/etc/org.osaaf.service.props23
-rw-r--r--kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12bin2818 -> 0 bytes
-rw-r--r--kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs111
-rw-r--r--kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile27
-rw-r--r--kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12bin4180 -> 0 bytes
-rw-r--r--kubernetes/aaf/resources/config/local/org.osaaf.aaf.props25
-rw-r--r--kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12bin4180 -> 0 bytes
-rw-r--r--kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props29
-rw-r--r--kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props11
-rw-r--r--kubernetes/aaf/resources/config/local/org.osaaf.location.props12
-rw-r--r--kubernetes/aaf/resources/config/public/README.txt1
-rw-r--r--kubernetes/aaf/templates/configmap.yaml48
-rw-r--r--kubernetes/aaf/templates/job.yaml115
-rw-r--r--kubernetes/aaf/templates/pv.yaml52
-rw-r--r--kubernetes/aaf/templates/pvc.yaml57
-rw-r--r--kubernetes/aaf/values.yaml85
-rw-r--r--kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties30
-rw-r--r--kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml22
-rw-r--r--kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml4
-rw-r--r--kubernetes/aai/charts/aai-data-router/templates/configmap.yaml4
-rw-r--r--kubernetes/aai/charts/aai-data-router/templates/deployment.yaml11
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12bin0 -> 2556 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystorebin0 -> 2214 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties2
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml48
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt1
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12bin0 -> 2556 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystorebin0 -> 3594 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json99
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties25
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties4
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml48
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties3
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt1
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties1
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile27
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml36
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml110
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml30
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/service.yaml30
-rw-r--r--kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties3
-rw-r--r--kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml3
-rw-r--r--kubernetes/aai/charts/aai-resources/resources/config/realm.properties3
-rw-r--r--kubernetes/aai/charts/aai-resources/templates/deployment.yaml3
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/resources/config/roles.config (renamed from kubernetes/aai/charts/aai-sparky-be/resources/config/portal/roles.config)0
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/resources/config/users.config20
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml2
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml12
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/realm.properties3
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/deployment.yaml3
-rw-r--r--kubernetes/aai/values.yaml26
-rwxr-xr-xkubernetes/common/pgpool/templates/configmap.yaml12
-rw-r--r--kubernetes/common/pgpool/templates/service.yaml14
-rw-r--r--kubernetes/common/postgres/charts/pgpool/Chart.yaml (renamed from kubernetes/common/pgpool/Chart.yaml)0
-rw-r--r--kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf (renamed from kubernetes/common/pgpool/configs/pgpool.conf)10
-rw-r--r--kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf (renamed from kubernetes/common/pgpool/configs/pool_hba.conf)0
-rw-r--r--kubernetes/common/postgres/charts/pgpool/configs/pool_passwd (renamed from kubernetes/common/pgpool/configs/pool_passwd)1
-rw-r--r--kubernetes/common/postgres/charts/pgpool/requirements.yaml (renamed from kubernetes/common/pgpool/requirements.yaml)0
-rwxr-xr-x[-rw-r--r--]kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml (renamed from kubernetes/aaf/templates/secrets.yaml)10
-rw-r--r--kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml (renamed from kubernetes/common/pgpool/templates/deployment.yaml)15
-rw-r--r--kubernetes/common/postgres/charts/pgpool/templates/service.yaml26
-rw-r--r--kubernetes/common/postgres/charts/pgpool/values.yaml (renamed from kubernetes/common/pgpool/values.yaml)28
-rw-r--r--kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json14
-rw-r--r--kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml10
-rw-r--r--kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml11
-rw-r--r--kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml2
-rw-r--r--kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml2
-rw-r--r--kubernetes/multicloud/charts/multicloud-azure/.helmignore21
-rw-r--r--kubernetes/multicloud/charts/multicloud-azure/Chart.yaml (renamed from kubernetes/aaf/resources/config/etc/org.osaaf.hello.props)14
-rw-r--r--kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml37
-rw-r--r--kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt34
-rw-r--r--kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml29
-rw-r--r--kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml110
-rw-r--r--kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml53
-rw-r--r--kubernetes/multicloud/charts/multicloud-azure/values.yaml86
-rw-r--r--kubernetes/multicloud/charts/multicloud-ocata/templates/service.yaml16
-rw-r--r--kubernetes/multicloud/charts/multicloud-ocata/values.yaml3
-rw-r--r--kubernetes/multicloud/charts/multicloud-pike/.helmignore21
-rw-r--r--kubernetes/multicloud/charts/multicloud-pike/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-cs/templates/secret.yaml)12
-rw-r--r--kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml47
-rw-r--r--kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt34
-rw-r--r--kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml28
-rw-r--r--kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml110
-rw-r--r--kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml61
-rw-r--r--kubernetes/multicloud/charts/multicloud-pike/values.yaml87
-rw-r--r--kubernetes/multicloud/charts/multicloud-vio/templates/service.yaml16
-rw-r--r--kubernetes/multicloud/charts/multicloud-vio/values.yaml3
-rw-r--r--kubernetes/multicloud/charts/multicloud-windriver/templates/service.yaml14
-rw-r--r--kubernetes/multicloud/charts/multicloud-windriver/values.yaml3
-rw-r--r--kubernetes/multicloud/resources/config/provider-plugin.json16
-rw-r--r--kubernetes/multicloud/templates/service.yaml16
-rw-r--r--kubernetes/multicloud/values.yaml3
-rw-r--r--kubernetes/nbi/values.yaml2
-rw-r--r--kubernetes/policy/resources/config/pe/console.conf4
-rw-r--r--kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystorebin2228 -> 0 bytes
-rw-r--r--kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jksbin0 -> 3629 bytes
-rw-r--r--kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12bin0 -> 4151 bytes
-rw-r--r--kubernetes/portal/charts/portal-app/resources/server/server.xml2
-rw-r--r--kubernetes/portal/charts/portal-app/templates/configmap.yaml1
-rw-r--r--kubernetes/portal/charts/portal-app/templates/deployment.yaml11
-rw-r--r--kubernetes/portal/charts/portal-app/templates/secret.yaml (renamed from kubernetes/aaf/resources/config/backup/cbackup.sh)23
-rw-r--r--kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql82
-rw-r--r--kubernetes/portal/values.yaml7
-rw-r--r--kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py5
-rwxr-xr-xkubernetes/robot/values.yaml4
-rw-r--r--kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties22
-rwxr-xr-xkubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml12
-rwxr-xr-xkubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml25
-rw-r--r--kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml17
-rw-r--r--kubernetes/so/charts/so-monitoring/templates/configmap.yaml18
-rw-r--r--kubernetes/so/charts/so-monitoring/templates/deployment.yaml28
-rwxr-xr-xkubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml14
-rw-r--r--kubernetes/vnfsdk/values.yaml11
149 files changed, 2091 insertions, 1692 deletions
diff --git a/kubernetes/aaf/.helmignore b/kubernetes/aaf/.helmignore
index daebc7da77..542b3390d8 100644
--- a/kubernetes/aaf/.helmignore
+++ b/kubernetes/aaf/.helmignore
@@ -18,4 +18,4 @@
# Various IDEs
.project
.idea/
-*.tmproj
+*.tmproj \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
index 11b0811af3..39544258fd 100644
--- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
@@ -31,11 +31,12 @@ spec:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
@@ -44,13 +45,11 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
@@ -60,23 +59,17 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/cm"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm"]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
@@ -103,12 +96,12 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml
index a149f0656f..9ddb366064 100644
--- a/kubernetes/aaf/charts/aaf-cm/values.yaml
+++ b/kubernetes/aaf/charts/aaf-cm/values.yaml
@@ -20,20 +20,14 @@ global:
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
flavor: small
-
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_cm:2.1.1
+image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
@@ -44,14 +38,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
deleted file mode 100644
index c4f77d80c9..0000000000
--- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
+++ /dev/null
@@ -1,279 +0,0 @@
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-// Table Initialization
-// First make sure the keyspace exists.
-
-USE authz;
-
-//
-// CORE Table function
-//
-
-// Namespace - establish hierarchical authority to modify
-// Permissions and Roles
-// "scope" is flag to determine Policy. Typical important scope
-// is "company" (1)
-CREATE TABLE ns (
- name varchar,
- scope int, // deprecated 2.0.11
- description varchar,
- parent varchar,
- type int,
- PRIMARY KEY (name)
-);
-CREATE INDEX ns_parent on ns(parent);
-
-CREATE TABLE ns_attrib (
- ns varchar,
- key varchar,
- value varchar,
- PRIMARY KEY (ns,key)
-);
-create index ns_attrib_key on ns_attrib(key);
-
-// Will be cached
-CREATE TABLE role (
- ns varchar,
- name varchar,
- perms set<varchar>, // Use "Key" of "name|type|action"
- description varchar,
- PRIMARY KEY (ns,name)
-);
-CREATE INDEX role_name ON role(name);
-
-// Will be cached
-CREATE TABLE perm (
- ns varchar,
- type varchar,
- instance varchar,
- action varchar,
- roles set<varchar>, // Need to find Roles given Permissions
- description varchar,
- PRIMARY KEY (ns,type,instance,action)
-);
-
-// This table is user for Authorization
-CREATE TABLE user_role (
- user varchar,
- role varchar, // deprecated: change to ns/rname after 2.0.11
- ns varchar,
- rname varchar,
- expires timestamp,
- PRIMARY KEY(user,role)
- );
-CREATE INDEX user_role_ns ON user_role(ns);
-CREATE INDEX user_role_role ON user_role(role);
-
-// This table is only for the case where return User Credential (MechID) Authentication
-CREATE TABLE cred (
- id varchar,
- type int,
- expires timestamp,
- ns varchar,
- other int,
- notes varchar,
- cred blob,
- prev blob,
- PRIMARY KEY (id,type,expires)
- );
-CREATE INDEX cred_ns ON cred(ns);
-
-// Certificate Cross Table
-// coordinated with CRED type 2
-CREATE TABLE cert (
- fingerprint blob,
- id varchar,
- x500 varchar,
- expires timestamp,
- PRIMARY KEY (fingerprint)
- );
-CREATE INDEX cert_id ON cert(id);
-CREATE INDEX cert_x500 ON cert(x500);
-
-CREATE TABLE notify (
- user text,
- type int,
- last timestamp,
- checksum int,
- PRIMARY KEY (user,type)
-);
-
-CREATE TABLE x509 (
- ca text,
- serial blob,
- id text,
- x500 text,
- x509 text,
- PRIMARY KEY (ca,serial)
-);
-
-
-CREATE INDEX x509_id ON x509 (id);
-CREATE INDEX x509_x500 ON x509 (x500);
-
-//
-// Deployment Artifact (for Certman)
-//
-CREATE TABLE artifact (
- mechid text,
- machine text,
- type Set<text>,
- sponsor text,
- ca text,
- dir text,
- os_user text,
- ns text,
- notify text,
- expires timestamp,
- renewDays int,
- sans Set<text>,
- PRIMARY KEY (mechid,machine)
-);
-CREATE INDEX artifact_machine ON artifact(machine);
-CREATE INDEX artifact_ns ON artifact(ns);
-
-//
-// Non-Critical Table functions
-//
-// Table Info - for Caching
-CREATE TABLE cache (
- name varchar,
- seg int, // cache Segment
- touched timestamp,
- PRIMARY KEY(name,seg)
-);
-
-CREATE TABLE history (
- id timeuuid,
- yr_mon int,
- user varchar,
- action varchar,
- target varchar, // user, user_role,
- subject varchar, // field for searching main portion of target key
- memo varchar, //description of the action
- reconstruct blob, //serialized form of the target
- // detail Map<varchar, varchar>, // additional information
- PRIMARY KEY (id)
-);
-CREATE INDEX history_yr_mon ON history(yr_mon);
-CREATE INDEX history_user ON history(user);
-CREATE INDEX history_subject ON history(subject);
-
-//
-// A place to hold objects to be created at a future time.
-//
-CREATE TABLE future (
- id uuid, // uniquify
- target varchar, // Target Table
- memo varchar, // Description
- start timestamp, // When it should take effect
- expires timestamp, // When not longer valid
- construct blob, // How to construct this object (like History)
- PRIMARY KEY(id)
-);
-CREATE INDEX future_idx ON future(target);
-CREATE INDEX future_start_idx ON future(start);
-
-
-CREATE TABLE approval (
- id timeuuid, // unique Key
- ticket uuid, // Link to Future Record
- user varchar, // the user who needs to be approved
- approver varchar, // user approving
- type varchar, // approver types i.e. Supervisor, Owner
- status varchar, // approval status. pending, approved, denied
- memo varchar, // Text for Approval to know what's going on
- operation varchar, // List operation to perform
- last_notified timestamp, // Timestamp for the last time approver was notified
- PRIMARY KEY(id)
- );
-CREATE INDEX appr_approver_idx ON approval(approver);
-CREATE INDEX appr_user_idx ON approval(user);
-CREATE INDEX appr_ticket_idx ON approval(ticket);
-CREATE INDEX appr_status_idx ON approval(status);
-
-CREATE TABLE approved (
- id timeuuid, // unique Key
- user varchar, // the user who needs to be approved
- approver varchar, // user approving
- type varchar, // approver types i.e. Supervisor, Owner
- status varchar, // approval status. pending, approved, denied
- memo varchar, // Text for Approval to know what's going on
- operation varchar, // List operation to perform
- PRIMARY KEY(id)
- );
-CREATE INDEX approved_approver_idx ON approved(approver);
-CREATE INDEX approved_user_idx ON approved(user);
-
-CREATE TABLE delegate (
- user varchar,
- delegate varchar,
- expires timestamp,
- PRIMARY KEY (user)
-);
-CREATE INDEX delg_delg_idx ON delegate(delegate);
-
-// OAuth Tokens
-CREATE TABLE oauth_token (
- id text, // Reference
- client_id text, // Creating Client ID
- user text, // User requesting
- active boolean, // Active or not
- type int, // Type of Token
- refresh text, // Refresh Token
- expires timestamp, // Expiration time/Date (signed long)
- exp_sec bigint, // Seconds from Jan 1, 1970
- content text, // Content of Token
- scopes Set<text>, // Scopes
- state text, // Context string (Optional)
- req_ip text, // Requesting IP (for logging purpose)
- PRIMARY KEY(id)
-) with default_time_to_live = 21600; // 6 hours
-CREATE INDEX oauth_token_user_idx ON oauth_token(user);
-
-CREATE TABLE locate (
- name text, // Component/Server name
- hostname text, // FQDN of Service/Component
- port int, // Port of Service
- major int, // Version, Major
- minor int, // Version, Minor
- patch int, // Version, Patch
- pkg int, // Version, Package (if available)
- latitude float, // Latitude
- longitude float, // Longitude
- protocol text, // Protocol (i.e. http https)
- subprotocol set<text>, // Accepted SubProtocols, ie. TLS1.1 for https
- port_key uuid, // Key into locate_ports
- PRIMARY KEY(name,hostname,port)
-) with default_time_to_live = 1200; // 20 mins
-
-CREATE TABLE locate_ports (
- id uuid, // Id into locate
- port int, // SubPort
- name text, // Name of Other Port
- protocol text, // Protocol of Other (i.e. JMX, DEBUG)
- subprotocol set<text>, // Accepted sub protocols or versions
- PRIMARY KEY(id, port)
-) with default_time_to_live = 1200; // 20 mins;
-
-//
-// Used by authz-batch processes to ensure only 1 runs at a time
-//
-CREATE TABLE run_lock (
- class text,
- host text,
- start timestamp,
- PRIMARY KEY ((class))
-);
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql
deleted file mode 100644
index 2951b2a197..0000000000
--- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql
+++ /dev/null
@@ -1,25 +0,0 @@
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-// For Developer Machine single instance
-// CREATE KEYSPACE authz
-// WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
-//
-//
-
-// Example of Network Topology, with Datacenter dc1 & dc2
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' };
-// Out of the box Docker Cassandra comes with "datacenter1", one instance
-CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' };
-//
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql
deleted file mode 100644
index 89da60f9db..0000000000
--- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql
+++ /dev/null
@@ -1,136 +0,0 @@
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-USE authz;
-
-// Create 'org' root NS
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org','Root Namespace','.',1,1);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org','admin',{'org.access|*|*'},'Org Admins');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org','access','*','*',{'org.admin'},'Org Write Access');
-
-// Create Root pass
-INSERT INTO cred (id,ns,type,cred,expires)
- VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400;
-
-
-// Create org.osaaf
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.osaaf','OSAAF Namespace','org',2,2);
-
-INSERT INTO role(ns, name, perms,description)
- VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins');
-
-INSERT INTO perm(ns, type, instance, action, roles,description)
- VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access');
-
-INSERT INTO role(ns, name, perms,description)
- VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles,description)
- VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access');
-
-// Create org.osaaf.aaf
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
-
-
-// ONAP Specific Entities
-// ONAP initial env Namespace
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.onap','ONAP','org',2,2);
-
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3);
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.onap.portal','access','*','read',{
- 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor'
- },'Portal Read Access');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
-
-// DEMO ID (OPS)
-insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
-
-// ADMIN
-insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
-
-// DESIGNER
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer');
-
-// TESTER
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester');
-
-// OPS
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops');
-
-// GOVERNOR
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor');
-
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql
deleted file mode 100644
index 4b6bf44140..0000000000
--- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql
+++ /dev/null
@@ -1,22 +0,0 @@
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-USE authz;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ;
-
diff --git a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml
index cfece7093b..e0d500c420 100644
--- a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml
@@ -30,25 +30,31 @@ spec:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- hostname: {{ include "common.name" . }}
containers:
- - args:
+ - name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"]
ports:
- containerPort: {{ .Values.service.externalPort }}
- containerPort: {{ .Values.service.externalPort2 }}
- containerPort: {{ .Values.service.externalPort3 }}
- containerPort: {{ .Values.service.externalPort4 }}
+ env:
+ - name: CASSANDRA_CLUSTER_NAME
+ value: "osaaf"
+ - name: CASSANDRA_DC
+ value: "dc1"
+ - name: HEAP_NEWSIZE
+ value: "512M"
+ - name: MAX_HEAP_SIZE
+ value: "1024M"
volumeMounts:
- - mountPath: /data
- name: aaf-cs-data
+ - mountPath: /var/lib/cassandra
+ name: cassandra-storage
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
@@ -57,25 +63,12 @@ spec:
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort3 }}
+ exec:
+ command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","wait"]
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- lifecycle:
- postStart:
- exec:
- command:
- - /bin/sh
- - -c
- - >
- /bin/sleep {{ .Values.readiness.initialDelaySeconds }};
- cd /data/;
- cqlsh -u root -p root -f keyspace.cql ;
- cqlsh -u root -p root -f init.cql ;
- cqlsh -u root -p root -f osaaf.cql ;
- cqlsh -u root -p root -f temp_identity.cql
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . | indent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
@@ -85,11 +78,15 @@ spec:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: aaf-cs-data
- secret:
- secretName: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: cassandra-storage
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml b/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml
new file mode 100644
index 0000000000..4209179af8
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cs/templates/pv.yaml
@@ -0,0 +1,44 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}} \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml
new file mode 100644
index 0000000000..b102ffa08d
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cs/templates/pvc.yaml
@@ -0,0 +1,48 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}} \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-cs/values.yaml b/kubernetes/aaf/charts/aaf-cs/values.yaml
index 73dac29fab..a914b542f4 100644
--- a/kubernetes/aaf/charts/aaf-cs/values.yaml
+++ b/kubernetes/aaf/charts/aaf-cs/values.yaml
@@ -24,12 +24,9 @@ flavor: small
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: library/cassandra:3.11
+image: onap/aaf/aaf_cass:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
# application configuration
config: {}
@@ -42,14 +39,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 180
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 180
+ initialDelaySeconds: 120
periodSeconds: 10
service:
@@ -87,4 +84,14 @@ resources:
requests:
cpu: 40m
memory: 9000Mi
- unlimited: {} \ No newline at end of file
+ unlimited: {}
+
+persistence:
+ enabled: true
+ #existingClaim:
+ mountPath: /dockerdata-nfs
+ mountSubPath: "cass"
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ size: 10Gi
+ storageClass: "manual" \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
index d269dc6536..5125eb161e 100644
--- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
@@ -31,11 +31,12 @@ spec:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
@@ -44,13 +45,11 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
@@ -60,23 +59,17 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/fs"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c","ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
@@ -103,12 +96,12 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml
index 0e3a81a9c6..0f0d7c47e7 100644
--- a/kubernetes/aaf/charts/aaf-fs/values.yaml
+++ b/kubernetes/aaf/charts/aaf-fs/values.yaml
@@ -25,14 +25,9 @@ flavor: small
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_fs:2.1.1
+image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
index b24a008fac..24c8e68cec 100644
--- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
@@ -31,11 +31,12 @@ spec:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
@@ -44,14 +45,12 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- - aaf-locate
+ - aaf-cm
env:
- name: NAMESPACE
valueFrom:
@@ -60,23 +59,17 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/gui"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
@@ -103,12 +96,12 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml
index 5665d1df4f..d44ac5ed46 100644
--- a/kubernetes/aaf/charts/aaf-gui/values.yaml
+++ b/kubernetes/aaf/charts/aaf-gui/values.yaml
@@ -25,14 +25,9 @@ flavor: small
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_gui:2.1.1
+image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
index c76c0849ab..f932228cd9 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
@@ -31,11 +31,12 @@ spec:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
@@ -44,13 +45,11 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
@@ -60,23 +59,17 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/hello"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
@@ -103,12 +96,12 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml
index 6fcf861420..9f694be8b8 100644
--- a/kubernetes/aaf/charts/aaf-hello/values.yaml
+++ b/kubernetes/aaf/charts/aaf-hello/values.yaml
@@ -19,20 +19,15 @@ global:
nodePortPrefix: 302
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
+flavor: small
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_hello:2.1.1
+image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
index 6e69f2c7ef..a3a9e285cf 100644
--- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
@@ -31,11 +31,12 @@ spec:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
@@ -44,12 +45,12 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
+ - aaf-service
env:
- name: NAMESPACE
valueFrom:
@@ -58,23 +59,17 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/locate"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
@@ -101,12 +96,12 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml
index c9240025f1..ba1e56373c 100644
--- a/kubernetes/aaf/charts/aaf-locate/values.yaml
+++ b/kubernetes/aaf/charts/aaf-locate/values.yaml
@@ -19,24 +19,15 @@ global:
nodePortPrefix: 302
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
-# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines.
-# persistence:
-# mountPath: /dockerdata
flavor: small
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_locate:2.1.1
+image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
@@ -47,14 +38,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
index fd4ae21708..06cf2736ef 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
@@ -31,11 +31,12 @@ spec:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
@@ -44,13 +45,11 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
- - /root/ready.py
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
@@ -60,23 +59,17 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/oauth"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
@@ -103,12 +96,12 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml
index 281aa1cc8d..d94bcae31c 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml
+++ b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml
@@ -26,8 +26,6 @@ spec:
ports:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
- #Example internal target port if required
- #targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.portName }}
{{- else -}}
diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml
index 943ad16109..e52075a447 100644
--- a/kubernetes/aaf/charts/aaf-oauth/values.yaml
+++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml
@@ -25,14 +25,9 @@ flavor: small
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_oauth:2.1.1
+image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
diff --git a/kubernetes/aaf/charts/aaf-service/.helmignore b/kubernetes/aaf/charts/aaf-service/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-service/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
index a07d06fd0a..c3c140a35d 100644
--- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
@@ -31,11 +31,12 @@ spec:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
@@ -44,14 +45,12 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- aaf-cs
- - --container-name
- - aaf-locate
env:
- name: NAMESPACE
valueFrom:
@@ -60,23 +59,17 @@ spec:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/service"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
@@ -103,12 +96,12 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml
index 5ad31ffdda..7ec6364f3c 100644
--- a/kubernetes/aaf/charts/aaf-service/values.yaml
+++ b/kubernetes/aaf/charts/aaf-service/values.yaml
@@ -25,14 +25,9 @@ flavor: small
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_service:2.1.1
+image: onap/aaf/aaf_service:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
@@ -43,14 +38,14 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
diff --git a/kubernetes/aaf/resources/config/backup/backup.sh b/kubernetes/aaf/resources/config/backup/backup.sh
deleted file mode 100644
index 0cc2f6287f..0000000000
--- a/kubernetes/aaf/resources/config/backup/backup.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# BEGIN Store prev
-BD=/opt/app/osaaf/backup
-if [ -e "$BD/6day" ]; then
- rm -Rf $BD/6day
-fi
-
-PREV=$BD/6day
-for D in $BD/5day $BD/4day $BD/3day $BD/2day $BD/yesterday; do
- if [ -e "$D" ]; then
- mv "$D" "$PREV"
- fi
- PREV="$D"
-done
-
-if [ -e "$BD/today" ]; then
- if [ -e "$BD/backup.log" ]; then
- mv $BD/backup.log $BD/today
- fi
- gzip $BD/today/*
- mv $BD/today $BD/yesterday
-fi
-
-mkdir $BD/today
-
-# END Store prev
-date
-docker exec -t aaf_cass bash -c "mkdir -p /opt/app/cass_backup"
-docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh
-# echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh"
-docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh
-docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today
-date
diff --git a/kubernetes/aaf/resources/config/data/identities.dat b/kubernetes/aaf/resources/config/data/identities.dat
deleted file mode 100644
index cb7f01db20..0000000000
--- a/kubernetes/aaf/resources/config/data/identities.dat
+++ /dev/null
@@ -1,41 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# Sample Identities.dat
-# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
-# out-of-the-box tire-kicking, or even for Small companies
-#
-# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
-# batch feeds, as is appropriate for your company.
-#
-# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
-# out AppIDs, choose your own status indicators, or whatever you use.
-# 0 - unique ID
-# 1 - full name
-# 2 - first name
-# 3 - last name
-# 4 - phone
-# 5 - official email
-# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
-# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
-#
-
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
diff --git a/kubernetes/aaf/resources/config/data/sample.identities.dat b/kubernetes/aaf/resources/config/data/sample.identities.dat
deleted file mode 100644
index cf2ca6dcb6..0000000000
--- a/kubernetes/aaf/resources/config/data/sample.identities.dat
+++ /dev/null
@@ -1,40 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Sample Identities.dat
-# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
-# out-of-the-box tire-kicking, or even for Small companies
-#
-# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
-# batch feeds, as is appropriate for your company.
-#
-# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
-# out AppIDs, choose your own status indicators, or whatever you use.
-# 0 - unique ID
-# 1 - full name
-# 2 - first name
-# 3 - last name
-# 4 - phone
-# 5 - official email
-# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
-# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
-#
-
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props b/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props
deleted file mode 100644
index ccd8a3329e..0000000000
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-##
-## org.osaaf.cm.props
-## AAF Certificate Manager properties
-## Note: Link to CA Properties in "local" dir
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.cm.ca.props
-aaf_component=AAF_NS.cm:2.1.0.0
-port=8150
-cadi_registration_hostname={{.Values.config.cmServiceName}}
-#Certman
-cm_public_dir=/opt/app/osaaf/public
-cm_trust_cas=AAF_RootCA.cer
-
-
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.common.props b/kubernetes/aaf/resources/config/etc/org.osaaf.common.props
deleted file mode 100644
index 052a2ec901..0000000000
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.common.props
+++ /dev/null
@@ -1,43 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-############################################################
-# Common properties for all AAF Components
-# on 2018-03-02 06:59.628-0500
-############################################################
-# Pull in Global Coordinates and Certificate Information
-aaf_root_ns=org.osaaf.aaf
-aaf_trust_perm=org.osaaf.aaf|org.onap|trust
-
-cadi_prop_files=/opt/app/osaaf/local/org.osaaf.location.props:/opt/app/osaaf/local/org.osaaf.aaf.props
-cadi_protocols=TLSv1.1,TLSv1.2
-
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
-cadi_loginpage_url=https://AAF_LOCATE_URL/AAF_NS.gui:2.0/login
-
-# Standard for this App/Machine
-aaf_env=DEV
-aaf_data_dir=/opt/app/osaaf/data
-cadi_loglevel=DEBUG
-
-# Domain Support (which will accept)
-aaf_domain_support=.com:.org
-
-# Basic Auth
-aaf_default_realm=people.osaaf.org
-
-# OAuth2
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
-
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props b/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props
deleted file mode 100644
index 266e08e74b..0000000000
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
-aaf_component=AAF_NS.fs:2.1.0.0
-port=8096
-cadi_registration_hostname={{.Values.config.fsServiceName}}
-
-aaf_public_dir=/opt/app/osaaf/public
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props b/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props
deleted file mode 100644
index 6c40b40c34..0000000000
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props
+++ /dev/null
@@ -1,46 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
-aaf_component=AAF_NS.gui:2.1.0.0
-port=8200
-cadi_registration_hostname={{.Values.config.guiServiceName}}
-
-aaf_gui_title=AAF
-aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved.
-aaf_gui_theme=theme/onap
-cadi_loginpage_url=https://AAF_LOCATE_URL/com.att.aaf.gui:2.0/login
-
-# GUI URLS and Help URLS
-cm_url=https://{{.Values.config.cmServiceName}}:8150
-gw_url=https://{{.Values.config.locateServiceName}}:8095
-fs_url=http://{{.Values.config.fsServiceName}}:8096
-
-aaf_url.gui_onboard=https://wiki.web.att.com/display/aaf/OnBoarding
-aaf_url.cuigui=https://wiki.web.att.com/display/aaf/Using+the+Command+Prompt
-
-aaf_url.aaf_help=https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation
-aaf_url.aaf_help.sub=Bootstrapping+AAF,Installation+Guide
-aaf_url.aaf_help.sub.Bootstrapping+AAF=https://wiki.onap.org/display/DW/Bootstrapping+AAF
-aaf_url.aaf_help.sub.Installation+Guide=https://wiki.onap.org/display/DW/AAF+Installation+Guide
-#aaf_url.cadi_help=
-aaf_url.tools=AAF+Projects,AAF+Jira,AAF+Calendar
-aaf_url.tool=AAF+Jira=https://jira.onap.org/secure/RapidBoard.jspa?rapidView=69&projectKey=AAF&view=detail&selectedIssue=AAF-134
-aaf_url.tool.AAF+Projects=https://gerrit.onap.org/r/#/admin/projects/?filter=aaf%2F
-aaf_url.tool.AAF+Calendar=https://wiki.onap.org/pages/viewpage.action?pageId=6587439
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props b/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props
deleted file mode 100644
index 1026dd85bd..0000000000
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
-aaf_component=AAF_NS.locator:2.1.0.0
-port=8095
-cadi_registration_hostname={{.Values.config.locateServiceName}}
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props b/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props
deleted file mode 100644
index 9f10802821..0000000000
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props
+++ /dev/null
@@ -1,51 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.INIT.File=${LOG4J_FILENAME_init}
-log4j.appender.INIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.INIT.layout=org.apache.log4j.PatternLayout
-log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.SRVR.File=${LOG4J_FILENAME_service}
-log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd
-log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout
-log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n
-
-log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit}
-log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout
-log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n
-
-# General Apache libraries
-log4j.rootLogger=WARN.SRVR
-log4j.logger.org.apache=WARN,SRVR
-log4j.logger.com.datastax=WARN,SRVR
-log4j.logger.init=INFO,INIT
-log4j.logger.service=${LOGGING_LEVEL},SRVR
-log4j.logger.audit=INFO,AUDIT
-# Additional configs, not cauth with Root Logger
-log4j.logger.io.netty=INFO,SRVR
-log4j.logger.org.eclipse=INFO,SRVR
-
-
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props b/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props
deleted file mode 100644
index d2a5b97ec2..0000000000
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props
+++ /dev/null
@@ -1,22 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
-aaf_component=AAF_NS.oauth:2.1.0.0
-port=8140
-cadi_registration_hostname={{.Values.config.oauthServiceName}}
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props b/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props
deleted file mode 100644
index c609de2027..0000000000
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# Define Organizations for use in some of the components. Not all use them
-#
-Organization.org.osaaf=org.onap.aaf.org.DefaultOrg
-org.osaaf.mailHost=smtp.mail.att.com
-org.osaaf.mailFrom=DL-aaf-support@aaf.att.com
-org.osaaf.default=true
-org.osaaf.also_supports=org.osaaf.people
-
-
-
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.service.props b/kubernetes/aaf/resources/config/etc/org.osaaf.service.props
deleted file mode 100644
index adb9032929..0000000000
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.service.props
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.service
-## AAF Service Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
-aaf_component=AAF_NS.service:2.1.0.0
-port=8100
-cadi_registration_hostname={{.Values.config.serviceServiceName}}
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12
deleted file mode 100644
index 63aedd2560..0000000000
--- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs11 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs11
deleted file mode 100644
index 05fe60fe6a..0000000000
--- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.pkcs11
+++ /dev/null
@@ -1 +0,0 @@
-name = localca
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile
deleted file mode 100644
index 7206ad9325..0000000000
--- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile
+++ /dev/null
@@ -1,27 +0,0 @@
-rmaOaytuFLnhz07oilUO0nO_mZ18XInIi56OoezdUTR5f1GR45lp_nX7marcYv7j2ZS-dpWOSur0
-sK5M-ByrgxfUPyk749Ex4nGSMLnAq-nFMaREpGZPmNP-ul_vCxCmaHUnWKPJB4jx_K_osKPb0-ng
-tqX0hnpbmcq4okV94MUdUs084ymM5LU-qVU_oYbLUM4dXatobe1go8eX2umrutZbQTjz75i4UEcF
-Dv9nDwVqHRGUFMU0NeJlrSlRSO-eiDgVtoSCBGtIkDdKPBTUT3wachHmUBiSBJ3GF05yQP1CwWzz
-AQRSwphP11xKI7tSViT5RoxjxfQZiVEbeyg9g9BROe_pLyIDskoW_ujdnPOWRcSIx6Q4J0eew3kb
-yqcWUPf1K2nSyBSshlsQ6A9NSOLz_KhyIvP_1OG82m1gir3I77Usl7QqMF8IBXCjJ-H_qqR1u-By
-qm_AFjagYA2TgF2YQN-fcneom_5_cA74_xwJ41juhOP72ZWGkX1bAdbiKf85uYo2H3g5HeNWijQL
-y4wJ4qFrSptQRyV2Ntf9OLgpOsKsPPiLlNBugmCjHBMaPMbQAYRbsyCH2nKdjjTG3c6iF5Cj9Jco
-6McvcrYYuq3ynH-2HoL-T-Zgl2AXLxqK4_dl_H243H-GutoJsmIkELLGS_pCpSt4t7xaDvzqxrTj
-4qZ1OjozcpnsqM8HebS28IgoqFaOmrCMqO1MLM_CjAyliTy31P28XEbcYvjEY-FWmnJRSpMLc1Pz
--KOH-2V8uTqn5YlUsFt2TNnc8lEwMH6GSV1vkgxwPQaMUgWV2svc0FfBmTLZI4zNmpMu4cGjaG-f
-Z8r_hX7pDPANBTaqFxTp999dnaS3lLdZMNbJNEKFF0xxdRuBzsPKDiLa7ItixInZlUcEnwJVWOhC
-kcI2J0cEFGxHxWYmYdqyJIvQzjebk6iDqB-mLi0ai-_XYm1niCxZizT_XJADo9LQtTzq1V6pMgYR
-PPfbDKoiYRK6D8nbWsGNOh6xOS7zs8qrnTPxwu5CuZX_EFoejmooHTrXEqw2RzRFw9XqXM8p50C3
-YrwI2lA6kTQItGm0yftAxqfbhbjJp_K1P91ckOYL3ZSYze_hXRmguwYuT5NWlKhBtm5aawuDjXEg
-yn7PnRTT0smW40hbYbks5L-2VVxTd3tith6Ltqh95miL6vpG5ByDDQlZCWwkq7XH7iScejDvT6UN
-jF1K86mNa8CLXuuSzGl1li1CMxoVzW55G3s0-ICDHqjytiUkiUen2V9VzGT9h4BgDfzbShf31M4_
-biO4NL-mkqlDBbh-KcrYjvNj5qQwHSiLSLuQQBoBtJ3hG9jCu4YBYVWJYctV8r3Js_sGDH4rl5w1
-ujEF6QHWZIF73-u53G_LtvoXBnQcrBW8oLpqP-1Pz5d1bio--bRsNa5qAAilNbYmttiKYOYJn4My
-c6QvzF81SqTRZy0Fd0NK_hMCglPkH7sd32UX-LBquvQ_yDqB_ml_pADJhWcfuD4iPAQjR2Vgclxf
-GPCDva6YpJDzjjnaExDYmGFVFpbIPLfvGUCit_9zAycx0nW1J_cVT1BWFHijjAh_gnIpa6MtY3BE
-G3d8ee6_LAQvvVdBwZ955UwyRd-C7Buc7Xcccw-8hcNBKqOCDlE9j4tie2SdO9m53vZRzcLY6Aiw
-BiulIAllqHZQYs0OBcaYgbNgJU-gn9ZMWgS9i3ijPvTTBSNX7y7k4L1a4QOceyuOtt7nkv024YUS
-acTRmaGotRBuVfI-C0L4Q9NL56_nUATB5ca2GqgLEKnWKsiN3T9cBg4Ji88E8OdiVcoO8segB-0d
-QwWCqCZ8_z_R7zBMlDqpfu5wbvoVx0w9JhLgO9f7eoRozqA3qGLv94i1pN6LuU-Q7YPz4jVxmbb_
-2CHyP1n-o1ZWHfWdz6aByXEzrAZdvjfEWwwMYV5l5jFilTXaCNOCjr9S4YjNn0HITdl7E64C06Im
-3QWOsnDv9z1APjnFo12KH_1yWscU0t9gx7FG210Ug6C-G3Bko_tm_YOp0Lkum4qrnxgHMf_a \ No newline at end of file
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12
deleted file mode 100644
index ac1dece85c..0000000000
--- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props
deleted file mode 100644
index 21910eb627..0000000000
--- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-cm_url=https://{{.Values.config.cmServiceName}}:8150
-#hostname=aaf.osaaf.org
-aaf_env=DEV
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=/opt/app/osaaf/local/org.osaaf.aaf.keyfile
-cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12
-cadi_keystore_password=enc:fDY3WPPqHCMQaZdox2UfpRoEq6b9wUqS-aepo0NiqEFa2t7uYHBdxfQAuEwj9Lwb
-#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
-cadi_alias=aaf-authz@aaf.osaaf.org
-cadi_truststore=/opt/app/osaaf/local/org.osaaf.aaf.trust.p12
-cadi_truststore_password=enc:5nzj6v3Rb0oZPV1zCxg8EJFfkFvWFGJflLB0i_FN0Np
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12
deleted file mode 100644
index d01e8569ab..0000000000
--- a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props b/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props
deleted file mode 100644
index 17f238b851..0000000000
--- a/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props
+++ /dev/null
@@ -1,29 +0,0 @@
-############################################################
-# Cassandra properties for AAF Components needing
-# on 2018-03-02 06:59.628-0500
-############################################################
-# LOCAL Cassandra
-cassandra.clusters={{.Values.config.csServiceName}}
-cassandra.clusters.port=9042
-#need this to be fully qualified name when REAL AAF integration
-cassandra.clusters.user=cassandra
-cassandra.clusters.password=enc:gF_I93pTRMIvj3rof-dx-yK84XYT1UKGf98s1LAJyWV
-
-# Name for exception that has happened in the past
-cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed"
-
-# Example Consistency Settings for Clusters with at least instances
-#cassandra.writeConsistency.ns=LOCAL_QUORUM
-#cassandra.writeConsistency.perm=LOCAL_QUORUM
-#cassandra.writeConsistency.role=LOCAL_QUORUM
-#cassandra.writeConsistency.user_role=LOCAL_QUORUM
-#cassandra.writeConsistency.cred=LOCAL_QUORUM
-#cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
-
-# Consistency Settings when Single Instance
-cassandra.writeConsistency.ns=ONE
-cassandra.writeConsistency.perm=ONE
-cassandra.writeConsistency.role=ONE
-cassandra.writeConsistency.user_role=ONE
-cassandra.writeConsistency.cred=ONE
-cassandra.writeConsistency.ns_attrib=ONE
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props b/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props
deleted file mode 100644
index 8843705cbb..0000000000
--- a/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props
+++ /dev/null
@@ -1,11 +0,0 @@
-##
-## org.osaaf.cm.ca.props
-## Properties to access Certifiate Authority
-##
-
-#Certman
-cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.cm.p12;aaf_cm_ca;enc:asFEWMNqjH7GktBLb9EGl6L1zfS2qMH5ZS5Zd90KVT5B9ZyRsqx7Gb73YllO8Hyw
-cm_ca.local.idDomains=org.osaaf
-cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US
-cm_ca.local.perm_type=org.osaaf.aaf.ca
-
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.location.props b/kubernetes/aaf/resources/config/local/org.osaaf.location.props
deleted file mode 100644
index fd52d6db11..0000000000
--- a/kubernetes/aaf/resources/config/local/org.osaaf.location.props
+++ /dev/null
@@ -1,12 +0,0 @@
-##
-## org.osaaf.location.props
-##
-## Localized Machine Information
-##
-# Almeda California
-cadi_latitude=37.78187
-cadi_longitude=-122.26147
-
-#cadi_registration_hostname=aaf-onap-beijing-test.osaaf.org
-cadi_trust_masks=10.12.6/24
-aaf_locate_url=https://{{.Values.config.locateServiceName}}:8095
diff --git a/kubernetes/aaf/resources/config/public/README.txt b/kubernetes/aaf/resources/config/public/README.txt
deleted file mode 100644
index 48aaa96feb..0000000000
--- a/kubernetes/aaf/resources/config/public/README.txt
+++ /dev/null
@@ -1 +0,0 @@
-Public directory left empty on purpose. Content of https://gerrit.onap.org/r/gitweb?p=aaf/authz.git;a=tree;f=auth/sample/public;h=1b387b7858134f80446f006b6d570fa534da3153;hb=refs/heads/master is cloned and mounted into AAF container volume via init container. This is done to dramatically reduce the size of configuration that was being put into a configmap that was exceeding helm configmap limit of 1MB per deployment.
diff --git a/kubernetes/aaf/templates/configmap.yaml b/kubernetes/aaf/templates/configmap.yaml
deleted file mode 100644
index 9d21e057d6..0000000000
--- a/kubernetes/aaf/templates/configmap.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-backup
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/backup/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-local
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.location.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cm.ca.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cassandra.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.aaf.props").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-etc
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/etc/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-data
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/data/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/aaf/templates/job.yaml b/kubernetes/aaf/templates/job.yaml
index 719b6dc2c2..103b908491 100644
--- a/kubernetes/aaf/templates/job.yaml
+++ b/kubernetes/aaf/templates/job.yaml
@@ -15,7 +15,7 @@
apiVersion: batch/v1
kind: Job
metadata:
- name: {{ include "common.fullname" . }}-create-config
+ name: {{ .Release.Name }}-create-config
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -29,79 +29,28 @@ spec:
app: aaf-init-job
release: {{ .Release.Name }}
spec:
- initContainers:
- - name: {{ include "common.name" . }}-inject-config
- command:
- - /bin/bash
- - -c
- - >
- git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit;
- echo "Clone complete. Copying from /tmp/gerrit/ to /public";
- cp -rf /tmp/gerrit/auth/sample/public/* /public;
- echo "Done.";
- image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.global.ubuntuInitImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: aaf-public
- mountPath: "/public"
containers:
- - command: ["/bin/bash","-c","if [ ! -d /data/backup ]; then mkdir /data/data && cp -Ra /data1/data/..data/* /data/data/ && mkdir /data/etc && cp -Ra /data1/etc/..data/* data/etc/ && mkdir /data/backup && cp -Ra /data1/backup/..data/* /data/backup/ && cp -Ra /data1/public /data/ && cp -Ra /data1/local /data && mkdir -p /data/logs/oauth && mkdir -p /data/logs/hello && mkdir -p /data/logs/fs && mkdir -p /data/logs/gui && mkdir -p /data/logs/locate && mkdir -p /data/logs/cm && mkdir -p /data/logs/service; fi; exit 0"]
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ - name: {{ include "common.name" . }}-config-container
+ image: "{{ include "common.repository" . }}/{{ .Values.aaf_config.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: aaf-init-job
volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /data
- name: aaf-persistent-data
- - mountPath: /data1/etc
- name: aaf-etc
- - mountPath: /data1/data
- name: aaf-data
- - mountPath: /data1/public/iframe_denied_test.html
- name: aaf-public
- subPath: iframe_denied_test.html
- - mountPath: /data1/public/aaf_2_0.xsd
- name: aaf-public
- subPath: aaf_2_0.xsd
- - mountPath: /data1/public/truststoreONAP.p12
- name: aaf-public
- subPath: truststoreONAP.p12
- - mountPath: /data1/public/AAF_RootCA.cer
- name: aaf-public
- subPath: AAF_RootCA.cer
- - mountPath: /data1/public/truststoreONAPall.jks
- name: aaf-public
- subPath: truststoreONAPall.jks
- - mountPath: /data1/local/org.osaaf.location.props
- name: aaf-local
- subPath: org.osaaf.location.props
- - mountPath: /data1/local/org.osaaf.cm.ca.props
- name: aaf-local
- subPath: org.osaaf.cm.ca.props
- - mountPath: /data1/local/org.osaaf.cassandra.props
- name: aaf-local
- subPath: org.osaaf.cassandra.props
- - mountPath: /data1/local/org.osaaf.aaf.props
- name: aaf-local
- subPath: org.osaaf.aaf.props
- - mountPath: /data1/local/org.osaaf.aaf.trust.p12
- name: aaf-local-secret
- subPath: org.osaaf.aaf.trust.p12
- - mountPath: /data1/local/org.osaaf.aaf.p12
- name: aaf-local-secret
- subPath: org.osaaf.aaf.p12
- - mountPath: /data1/local/org.osaaf.aaf.keyfile
- name: aaf-local-secret
- subPath: org.osaaf.aaf.keyfile
- - mountPath: /data1/local/org.osaaf.aaf.cm.p12
- name: aaf-local-secret
- subPath: org.osaaf.aaf.cm.p12
- - mountPath: /data1/backup
- name: aaf-backup
- - mountPath: /share
- name: aaf-public
+ - mountPath: "/opt/app/osaaf"
+ name: {{ include "common.name" . }}-config-vol
+ env:
+ - name: HOSTNAME
+ value: "{{ .Values.global.cadi.hostname }}"
+ - name: AAF_ENV
+ value: "{{ .Values.global.cadi.aaf_env }}"
+ - name: AAF_REGISTER_AS
+ value: "{{ .Values.global.cadi.aaf_register_as }}"
+ - name: LATITUDE
+ value: "{{ .Values.global.cadi.cadi_latitude }}"
+ - name: LONGITUDE
+ value: "{{ .Values.global.cadi.cadi_longitude }}"
+ - name: CASS_HOST
+ value: "{{ .Values.global.cassandraServiceName }}"
+ - name: AAF_LOCATOR_AS
+ value: "{{ .Values.global.locateServiceName }}"
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -113,33 +62,13 @@ spec:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: aaf-local-secret
- secret:
- secretName: {{ .Release.Name }}-aaf-local-secret
- - name: aaf-etc
- configMap:
- name: {{ .Release.Name }}-aaf-etc
- - name: aaf-local
- configMap:
- name: {{ .Release.Name }}-aaf-local
- - name: aaf-backup
- configMap:
- name: {{ .Release.Name }}-aaf-backup
- - name: aaf-data
- configMap:
- name: {{ .Release.Name }}-aaf-data
- - name: aaf-persistent-data
+ - name: {{ include "common.name" . }}-config-vol
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
- - name: aaf-public
- emptyDir: {}
restartPolicy: OnFailure
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/templates/pv.yaml b/kubernetes/aaf/templates/pv.yaml
index d9b58f62ad..9d28184985 100644
--- a/kubernetes/aaf/templates/pv.yaml
+++ b/kubernetes/aaf/templates/pv.yaml
@@ -14,24 +14,60 @@
# limitations under the License.
*/}}
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ .Release.Name }}-config
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.name" . }}-config
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
name: {{ include "common.fullname" . }}
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ .Values.persistence.config.size}}
accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ - {{ .Values.persistence.config.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }}
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.config.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-logs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-logs
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.logs.size}}
+ accessModes:
+ - {{ .Values.persistence.logs.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.logs.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.logs.mountSubPath }}
+{{- if .Values.persistence.logs.storageClass }}
+{{- if (eq "-" .Values.persistence.logs.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.logs.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/aaf/templates/pvc.yaml b/kubernetes/aaf/templates/pvc.yaml
index 255c27751c..a9c8b908eb 100644
--- a/kubernetes/aaf/templates/pvc.yaml
+++ b/kubernetes/aaf/templates/pvc.yaml
@@ -14,35 +14,68 @@
# limitations under the License.
*/}}
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ .Release.Name }}-aaf-pvc
+ name: {{ .Release.Name }}-config
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.name" . }}-config
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
+{{- if .Values.persistence.config.annotations }}
annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{ toYaml .Values.persistence.config.annotations | indent 4 }}
{{- end }}
spec:
selector:
matchLabels:
- name: {{ include "common.fullname" . }}
+ app: {{ include "common.name" . }}-config
accessModes:
- - {{ .Values.persistence.accessMode }}
+ - {{ .Values.persistence.config.accessMode }}
resources:
requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
+ storage: {{ .Values.persistence.config.size }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
storageClassName: ""
{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
+ storageClassName: "{{ .Values.persistence.config.storageClass }}"
{{- end }}
{{- end }}
-{{- end -}}
+{{- end }}
+---
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-logs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-logs
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.logs.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.logs.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}-logs
+ accessModes:
+ - {{ .Values.persistence.logs.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.logs.size }}
+{{- if .Values.persistence.logs.storageClass }}
+{{- if (eq "-" .Values.persistence.logs.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.logs.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}} \ No newline at end of file
diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml
index 931a31dc65..4cc69c264b 100644
--- a/kubernetes/aaf/values.yaml
+++ b/kubernetes/aaf/values.yaml
@@ -23,21 +23,22 @@ global:
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
persistence:
enabled: true
+
+ cadi:
+ hostname: "aaf.onap"
+ cadi_latitude: "38.0"
+ cadi_longitude: "-72.0"
+ aaf_env: "DEV"
+ aaf_register_as: "aaf.onap"
+ cassandraServiceName: aaf-cass
+ locateServiceName: aaf-locate
+
#################################################################
# Application configuration defaults.
#################################################################
-config:
- serviceServiceName: aaf-service
- locateServiceName: aaf-locate
- cmServiceName: aaf-cm
- fsServiceName: aaf-fs
- guiServiceName: aaf-gui
- helloServiceName: aaf-hello
- oauthServiceName: aaf-oauth
- csServiceName: aaf-cass
- # gerrit branch where the latest aaf/auth/sample/public code exists
- gerritProject: http://gerrit.onap.org/r/aaf/authz.git
- gerritBranch: 2.0.0-ONAP
+repository: nexus3.onap.org:10001
+aaf_config:
+ image: onap/aaf/aaf_config:2.1.2-SNAPSHOT
flavor: small
# default number of instances
@@ -64,39 +65,31 @@ ingress:
## Persist data to a persitent volume
persistence:
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
+ mountPath: "/mnt/data/aaf"
+ enabled: true
+ config:
+ #existingClaim:
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountSubPath: "config"
+ storageClass: "manual"
+ logs:
+ #existingClaim:
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountSubPath: "logs"
+ storageClass: "manual"
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteMany
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: aaf/data
+aaf-cs:
+ persistence:
+ #existingClaim:
+ mountPath: /dockerdata-nfs
+ mountSubPath: "cass"
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ size: 10Gi
+ storageClass: "manual"
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 2
- memory: 3Gi
- requests:
- cpu: 2
- memory: 3Gi
- large:
- limits:
- cpu: 4
- memory: 6Gi
- requests:
- cpu: 4
- memory: 6Gi
- unlimited: {}
+resources: {} \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties b/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties
index d0916515fe..8c680b5820 100644
--- a/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties
+++ b/kubernetes/aai/charts/aai-data-router/resources/config/schemaIngest.properties
@@ -20,13 +20,27 @@
# ============LICENSE_END=========================================================
#
-# Properties for the SchemaLocationsBean
-# The AAI Schema jar will be unpacked to bundleconfig/etc
-schemaConfig=NA
-# OXM files named aai_oxm_v*.xml are unpacked here:
-nodeDir=/opt/app/data-router/bundleconfig/etc/oxm
-# DB Edge Rules are unpacked here:
+# Properties for the SchemaLocationsBean
+# Files named aai_oxm_v*.xml are unpacked here:
+nodeDir=/opt/app/data-router/onap/oxm
+# Dummy folder/directory:
edgeDir=
-# DB Edge Property files are copied here:
-edgePropsDir=
+
+# Properties required by the aai-common - aai-schema-ingest lib as of 1.3.0
+schema.configuration.location=N/A
+schema.nodes.location=/opt/app/data-router/onap/oxm/
+schema.edges.location=
+# These versions need to exist if they are included in the list
+schema.version.list=v9,v10,v11,v12,v13,v14
+# Decalares the oxm version to load
+schema.version.api.default=v14
+
+# Don't use these properties in our application, need to be set to prevent an exception on startup (see SchemaVersions bean)
+schema.version.depth.start=v14
+schema.version.related.link.start=v14
+schema.version.app.root.start=v14
+schema.version.namespace.change.start=v14
+schema.version.edge.label.start=v14
+~
+
diff --git a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml
new file mode 100644
index 0000000000..c945c39876
--- /dev/null
+++ b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml
@@ -0,0 +1,22 @@
+<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd
+ http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd">
+
+ <context:property-placeholder
+ location="file:${CONFIG_HOME}/schemaIngest.properties"
+ ignore-unresolvable="true" />
+
+ <bean id="schemaLocationsBean" class="org.onap.aai.setup.SchemaLocationsBean">
+ <!-- When running with AJSC these properties must be injected directly.
+ The reason for this is unknown. -->
+ <property name="nodeDirectory" value="${nodeDir}" />
+ <property name="edgeDirectory" value="${edgeDir}" />
+ </bean>
+
+ <bean id="schemaVersions" class="org.onap.aai.setup.SchemaVersions"/>
+
+</beans>
+
diff --git a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml
index 60e71ecfb0..b5e4129595 100644
--- a/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml
+++ b/kubernetes/aai/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml
@@ -32,6 +32,8 @@
<property name="searchCertName" value="client-cert-onap.p12" />
<property name="searchKeystorePwd" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
<property name="searchKeystore" value="tomcat_keystore" />
+ <property name="schemaVersions" ref="schemaVersions" />
+ <property name="schemaLocationsBean" ref="schemaLocationsBean" />
</bean>
<bean id="consumerBeanEntityEvent" class="org.onap.aai.event.client.DMaaPEventConsumer" >
@@ -45,7 +47,7 @@
<constructor-arg name="messageLimit" value="100" />
<constructor-arg name="transportType" value="HTTPAUTH" />
<constructor-arg name="protocol" value="{{.Values.event.protocol}}" />
- <constructor-arg name="contentType" value="application/json" />
+ <constructor-arg name="filter"><null /></constructor-arg>
</bean>
<bean id="entityEventPolicy" class="org.onap.aai.datarouter.policy.EntityEventPolicy" init-method="startup" >
diff --git a/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml b/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml
index 23d3dbbcb9..c8532b2ffc 100644
--- a/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-data-router/templates/configmap.yaml
@@ -37,7 +37,9 @@ metadata:
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/dynamic/routes/entity-event.route").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dynamic/conf/data-router-oxm.xml").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/dynamic/conf/entity-event-policy.xml").AsConfig . | indent 2 }}
+
---
apiVersion: v1
kind: ConfigMap
@@ -63,4 +65,4 @@ metadata:
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} \ No newline at end of file
+{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml b/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml
index 83542dabe5..a7ecbce96a 100644
--- a/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml
@@ -94,11 +94,17 @@ spec:
- mountPath: /opt/app/data-router/dynamic/conf/entity-event-policy.xml
subPath: entity-event-policy.xml
name: {{ include "common.fullname" . }}-dynamic-policy
+ - mountPath: /opt/app/data-router/dynamic/conf/data-router-oxm.xml
+ subPath: data-router-oxm.xml
+ name: {{ include "common.fullname" . }}-dynamic-oxm
- mountPath: /opt/app/data-router/bundleconfig/etc/logback.xml
name: {{ include "common.fullname" . }}-logback-config
subPath: logback.xml
- mountPath: /var/log/onap
name: {{ include "common.fullname" . }}-logs
+ - mountPath: /logs
+ name: {{ include "common.fullname" . }}-logs
+
ports:
- containerPort: {{ .Values.service.internalPort }}
{{- if eq .Values.liveness.enabled true }}
@@ -126,6 +132,8 @@ spec:
name: filebeat-conf
- mountPath: /var/log/onap
name: {{ include "common.fullname" . }}-logs
+ - mountPath: /logs
+ name: {{ include "common.fullname" . }}-logs
- mountPath: /usr/share/filebeat/data
name: aai-filebeat
volumes:
@@ -154,6 +162,9 @@ spec:
- name: {{ include "common.fullname" . }}-dynamic-policy
configMap:
name: {{ include "common.fullname" . }}-dynamic
+ - name: {{ include "common.fullname" . }}-dynamic-oxm
+ configMap:
+ name: {{ include "common.fullname" . }}-dynamic
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- name: {{ include "common.fullname" . }}-logback-config
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12
new file mode 100644
index 0000000000..dbf4fcacec
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore
new file mode 100644
index 0000000000..9eec841aa2
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties
new file mode 100644
index 0000000000..f512fb71a6
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties
@@ -0,0 +1,2 @@
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml
new file mode 100644
index 0000000000..3a35b76f7b
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/AAF-FPS" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </logger>
+
+</configuration> \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt
new file mode 100644
index 0000000000..79cf29e73c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12
new file mode 100644
index 0000000000..dbf4fcacec
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore
new file mode 100644
index 0000000000..99129c145f
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
new file mode 100644
index 0000000000..e468b3d7bd
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
@@ -0,0 +1,99 @@
+[
+ {
+ "uri": "\/not\/allowed\/at\/all$",
+ "permissions": [
+ "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+ ]
+ },
+ {
+ "uri": "\/one\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/multi\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aMultipleAuth1",
+ "test.auth.access.aMultipleAuth2",
+ "test.auth.access.aMultipleAuth3"
+ ]
+ },
+ {
+ "uri": "\/one\/[^\/]+\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/services\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/admin\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|admin|GET,PUT,POST"
+ ]
+ },
+ {
+ "uri": "\/service\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/services\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/$",
+ "permissions": [
+ "\\|services\\|GET",
+ "test\\.auth\\.access\\|services\\|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+ "permissions": [
+ "test\\.auth\\.access\\|rest\\|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read",
+ "test.auth.access|vservers|read"
+ ]
+ },
+ {
+ "uri": "\/backend$",
+ "permissions": [
+ "test\\.auth\\.access\\|services\\|GET,PUT",
+ "\\|services\\|GET"
+ ]
+ },
+ {
+ "uri": "\/services\/inventory\/.*",
+ "permissions": [
+ "org\\.access\\|\\*\\|\\*"
+ ]
+ },
+ {
+ "uri": "\/services\/gizmo\/.*",
+ "permissions": [
+ "org\\.access\\|\\*\\|\\*"
+ ]
+ }
+]
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties
new file mode 100644
index 0000000000..a82e38caf6
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties
@@ -0,0 +1,25 @@
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
+#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name
+#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
+#to your hosts file on your machine.
+#hostname=test.aic.cip.att.com
+
+cadi_loglevel=DEBUG
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+
+cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
+cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# Configure AAF
+aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
+aaf_env=DEV
+
+aaf_id=demo@people.osaaf.org
+aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
+
+# This is a colon separated list of client cert issuers
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties
new file mode 100644
index 0000000000..1b58d4235c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties
@@ -0,0 +1,4 @@
+forward-proxy.protocol = https
+forward-proxy.host = localhost
+forward-proxy.port = 10680
+forward-proxy.cacheurl = /credential-cache \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml
new file mode 100644
index 0000000000..289fe7512c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/reverse-proxy" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="debug">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.rproxy" level="trace" additivity="false">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </logger>
+
+</configuration>
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties
new file mode 100644
index 0000000000..8ab780edcb
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties
@@ -0,0 +1,3 @@
+primary-service.protocol = https
+primary-service.host = localhost
+primary-service.port = 9520
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt
new file mode 100644
index 0000000000..79cf29e73c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties
new file mode 100644
index 0000000000..8d46e1f429
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties
@@ -0,0 +1 @@
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile
new file mode 100644
index 0000000000..6cd12fcfb4
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile
@@ -0,0 +1,27 @@
+bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
+1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
+xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
+BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
+6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
+QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
+zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
+x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
+8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
+FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
+UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
+banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
+6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
+yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
+xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
+lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
+ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
+fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
+1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
+liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
+0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
+PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
+8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
+dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
+-85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
+c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
+uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml b/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml
index 8d8a8fa008..a25dcbc806 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml
@@ -64,3 +64,39 @@ metadata:
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+{{ end }}
+
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
index 278a8f5ffa..1e68712749 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
@@ -31,6 +31,19 @@ spec:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ {{ if .Values.global.installSidecarSecurity }}
+ hostAliases:
+ - ip: {{ .Values.global.aaf.serverIp }}
+ hostnames:
+ - {{ .Values.global.aaf.serverHostname }}
+
+ initContainers:
+ - name: {{ .Values.global.tproxyConfig.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ privileged: true
+ {{ end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -111,6 +124,79 @@ spec:
- mountPath: /usr/share/filebeat/data
name: {{ include "common.fullname" . }}-data-filebeat
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ .Values.global.rproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/rproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.rproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/forward-proxy.properties
+ subPath: forward-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/primary-service.properties
+ subPath: primary-service.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/reverse-proxy.properties
+ subPath: reverse-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/cadi.properties
+ subPath: cadi.properties
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ mountPath: /opt/app/rproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
+ subPath: aaf_truststore.jks
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ mountPath: /opt/app/rproxy/config/security/keyfile
+ subPath: keyfile
+
+ ports:
+ - containerPort: {{ .Values.global.rproxy.port }}
+
+ - name: {{ .Values.global.fproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/fproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.fproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ mountPath: /opt/app/fproxy/config/fproxy.properties
+ subPath: fproxy.properties
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ mountPath: /opt/app/fproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ ports:
+ - containerPort: {{ .Values.global.fproxy.port }}
+ {{ end }}
+
volumes:
- name: localtime
hostPath:
@@ -144,5 +230,29 @@ spec:
- name: {{ include "common.fullname" . }}-model-config
configMap:
name: {{ include "common.fullname" . }}-model-configmap
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ {{ end }}
+
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
index 58d57697da..7db76055d1 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
@@ -40,3 +40,33 @@ type: Opaque
data:
KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-security-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
+{{ end }}
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/service.yaml b/kubernetes/aai/charts/aai-gizmo/templates/service.yaml
index 88948cfdf5..ac34ed9248 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/service.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/service.yaml
@@ -27,15 +27,27 @@ metadata:
spec:
type: {{ .Values.service.type }}
ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
+ {{ if .Values.global.installSidecarSecurity }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.global.rproxy.port }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.global.rproxy.port }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ else }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ end }}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties
index 573cd2a11d..97627eac16 100644
--- a/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties
+++ b/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties
@@ -16,7 +16,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
-
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
@@ -39,3 +38,5 @@ sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml
index 5b23fa6064..869eac0cc7 100644
--- a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml
@@ -96,6 +96,9 @@ spec:
- mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-realm-conf
+ subPath: realm.properties
- mountPath: /opt/app/aai-graphadmin/resources/application.properties
name: {{ include "common.fullname" . }}-springapp-conf
subPath: application.properties
diff --git a/kubernetes/aai/charts/aai-resources/resources/config/realm.properties b/kubernetes/aai/charts/aai-resources/resources/config/realm.properties
index 2aa3e01a3a..0499b34f1c 100644
--- a/kubernetes/aai/charts/aai-resources/resources/config/realm.properties
+++ b/kubernetes/aai/charts/aai-resources/resources/config/realm.properties
@@ -11,7 +11,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
@@ -34,3 +33,5 @@ sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
index 04549dfb94..2b124f01d4 100644
--- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
@@ -472,6 +472,9 @@ spec:
- mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-realm-conf
+ subPath: realm.properties
- mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.keyfile
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/roles.config b/kubernetes/aai/charts/aai-sparky-be/resources/config/roles.config
index ee131d8414..ee131d8414 100644
--- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/roles.config
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/roles.config
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config b/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config
new file mode 100644
index 0000000000..ce69e88918
--- /dev/null
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/users.config
@@ -0,0 +1,20 @@
+[{
+ "orgId": null,
+ "managerId": null,
+ "firstName": "Demo",
+ "middleInitial": null,
+ "lastName": "User",
+ "phone": null,
+ "email": "demo@email.com",
+ "hrid": null,
+ "orgUserId": "demo",
+ "orgCode": null,
+ "orgManagerUserId": null,
+ "jobTitle": null,
+ "loginId": "demo",
+ "active": false,
+ "roles": [{
+ "id": 1,
+ "name": "View"
+ }]
+}] \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml
index 055c5ba116..50238aaea3 100644
--- a/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-sparky-be/templates/configmap.yaml
@@ -29,6 +29,8 @@ data:
{{ tpl (.Files.Glob "resources/config/application-oxm-default.properties").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/application-oxm-override.properties").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/application-oxm-schema-prod.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/roles.config").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/users.config").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
index 3ecbd80340..d622be662d 100644
--- a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
@@ -90,7 +90,7 @@ spec:
- mountPath: /opt/app/sparky/config/application-oxm-default.properties
name: {{ include "common.fullname" . }}-properties
subPath: application-oxm-default.properties
-
+
- mountPath: /opt/app/sparky/config/application-oxm-override.properties
name: {{ include "common.fullname" . }}-properties
subPath: application-oxm-override.properties
@@ -98,7 +98,15 @@ spec:
- mountPath: /opt/app/sparky/config/application-oxm-schema-prod.properties
name: {{ include "common.fullname" . }}-properties
subPath: application-oxm-schema-prod.properties
-
+
+ - mountPath: /opt/app/sparky/config/roles.config
+ name: {{ include "common.fullname" . }}-properties
+ subPath: roles.config
+
+ - mountPath: /opt/app/sparky/config/users.config
+ name: {{ include "common.fullname" . }}-properties
+ subPath: users.config
+
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
index 2aa3e01a3a..0499b34f1c 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
@@ -11,7 +11,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
@@ -34,3 +33,5 @@ sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
index 68bd0185f6..6a5a7db6f0 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
@@ -304,6 +304,9 @@ spec:
- mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-realm-conf
+ subPath: realm.properties
- mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.keyfile
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index bf1602e330..0bc707e4e5 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -30,6 +30,30 @@ global: # global defaults
restartPolicy: Always
+ installSidecarSecurity: false
+
+ fproxy:
+ name: forward-proxy
+ activeSpringProfiles: noHostVerification,cadi
+ image: onap/fproxy:2.1-STAGING-latest
+ port: 10680
+
+ rproxy:
+ name: reverse-proxy
+ activeSpringProfiles: noHostVerification,cadi
+ image: onap/rproxy:2.1-STAGING-latest
+ port: 10692
+
+ tproxyConfig:
+ name: init-tproxy-config
+ image: onap/tproxy-config:2.1-STAGING-latest
+
+ # AAF server details. Only needed if the AAF DNS does not resolve from the pod
+ aaf:
+ serverIp: 10.12.6.214
+ serverHostname: aaf.osaaf.org
+ serverPort: 30247
+
cassandra:
serviceName: aai-cassandra
replicas: 3
@@ -257,4 +281,4 @@ resources:
requests:
cpu: 2
memory: 2Gi
- unlimited: {} \ No newline at end of file
+ unlimited: {}
diff --git a/kubernetes/common/pgpool/templates/configmap.yaml b/kubernetes/common/pgpool/templates/configmap.yaml
deleted file mode 100755
index cc20b42581..0000000000
--- a/kubernetes/common/pgpool/templates/configmap.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-pgpool-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/pgpool/templates/service.yaml b/kubernetes/common/pgpool/templates/service.yaml
deleted file mode 100644
index 0811fda593..0000000000
--- a/kubernetes/common/pgpool/templates/service.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-kind: "Service"
-apiVersion: "v1"
-metadata:
- name: "pgpool"
- labels:
- name: "pgpool"
-spec:
- ports:
- - protocol: "TCP"
- port: 5432
- targetPort: 5432
- selector:
- name: "pgpool"
- type: ClusterIP
diff --git a/kubernetes/common/pgpool/Chart.yaml b/kubernetes/common/postgres/charts/pgpool/Chart.yaml
index b57e72a6ee..b57e72a6ee 100644
--- a/kubernetes/common/pgpool/Chart.yaml
+++ b/kubernetes/common/postgres/charts/pgpool/Chart.yaml
diff --git a/kubernetes/common/pgpool/configs/pgpool.conf b/kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf
index 9dd979ac6b..f335174f40 100644
--- a/kubernetes/common/pgpool/configs/pgpool.conf
+++ b/kubernetes/common/postgres/charts/pgpool/configs/pgpool.conf
@@ -52,12 +52,12 @@ pcp_socket_dir = '/tmp'
# - Backend Connection Settings -
-backend_hostname0 = '{{.Values.container.primary}}'
+backend_hostname0 = '{{.Values.container.name.primary}}'
backend_port0 = 5432
backend_weight0= 1
backend_flag0= 'DISALLOW_TO_FAILOVER'
-backend_hostname1 = '{{.Values.container.replica}}'
+backend_hostname1 = '{{.Values.container.name.replica}}'
backend_port1 = 5432
backend_weight1= 1
backend_flag1= 'DISALLOW_TO_FAILOVER'
@@ -259,7 +259,7 @@ failover_if_affected_tuples_mismatch = off
# LOAD BALANCING MODE
#------------------------------------------------------------------------------
-load_balance_mode = off
+load_balance_mode = on
# Activate load balancing mode
# (change requires restart)
ignore_leading_white_space = on
@@ -358,7 +358,7 @@ health_check_period = 20
health_check_timeout = 10
# Health check timeout
# 0 means no timeout
-health_check_user = '{{.Values.credentials.pguser}}'
+health_check_user = '{{.Values.credentials.pgusername}}'
# Health check user
health_check_password = '{{.Values.credentials.pgpassword}}'
# Password for health check user
@@ -419,7 +419,7 @@ search_primary_node_timeout = 10
# ONLINE RECOVERY
#------------------------------------------------------------------------------
-recovery_user = '{{.Values.credentials.pguser}}'
+recovery_user = '{{.Values.credentials.pgusername}}'
# Online recovery user
recovery_password = '{{.Values.credentials.pgpassword}}'
# Online recovery password
diff --git a/kubernetes/common/pgpool/configs/pool_hba.conf b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf
index d8918409e8..d8918409e8 100644
--- a/kubernetes/common/pgpool/configs/pool_hba.conf
+++ b/kubernetes/common/postgres/charts/pgpool/configs/pool_hba.conf
diff --git a/kubernetes/common/pgpool/configs/pool_passwd b/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd
index d8e09a2afa..3636d1de74 100644
--- a/kubernetes/common/pgpool/configs/pool_passwd
+++ b/kubernetes/common/postgres/charts/pgpool/configs/pool_passwd
@@ -1 +1,2 @@
testuser:md599e8713364988502fa6189781bcf648f
+postgres:md53175bce1d3201d16594cebf9d7eb3f9d
diff --git a/kubernetes/common/pgpool/requirements.yaml b/kubernetes/common/postgres/charts/pgpool/requirements.yaml
index 9f44c6df28..9f44c6df28 100644
--- a/kubernetes/common/pgpool/requirements.yaml
+++ b/kubernetes/common/postgres/charts/pgpool/requirements.yaml
diff --git a/kubernetes/aaf/templates/secrets.yaml b/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml
index fe876e1c6c..e2c77ff910 100644..100755
--- a/kubernetes/aaf/templates/secrets.yaml
+++ b/kubernetes/common/postgres/charts/pgpool/templates/configmap.yaml
@@ -13,9 +13,9 @@
# limitations under the License.
apiVersion: v1
-kind: Secret
+kind: ConfigMap
metadata:
- name: {{ .Release.Name}}-aaf-local-secret
+ name: {{ include "common.fullname" . }}-pgpool-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -23,8 +23,4 @@ metadata:
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.trust.p12").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.p12").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.keyfile").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.cm.p12").AsSecrets | indent 2 }}
-type: Opaque
+{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/pgpool/templates/deployment.yaml b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml
index f598409848..4aa8d831fb 100644
--- a/kubernetes/common/pgpool/templates/deployment.yaml
+++ b/kubernetes/common/postgres/charts/pgpool/templates/deployment.yaml
@@ -15,7 +15,7 @@
*/}}
kind: Deployment
apiVersion: extensions/v1beta1
-metadata:
+metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
@@ -23,7 +23,7 @@ metadata:
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-spec:
+spec:
replicas: 2
template:
metadata:
@@ -32,8 +32,9 @@ spec:
release: {{ .Release.Name }}
spec:
containers:
- - name: pgpool
- image: "{{.Values.image.repository}}/{{.Values.image.container}}:{{.Values.image.tag}}"
+ - image: "{{.Values.repository}}/{{.Values.image}}"
+ imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
+ name: {{ include "common.name" . }}
env:
- name: PG_PRIMARY_SERVICE_NAME
value: {{.Values.container.name.primary}}
@@ -52,8 +53,8 @@ spec:
port: 5432
initialDelaySeconds: 20
periodSeconds: 10
- livenessProbe:
- tcpSocket:
+ livenessProbe:
+ tcpSocket:
port: 5432
initialDelaySeconds: 15
periodSeconds: 20
@@ -64,4 +65,4 @@ spec:
volumes:
- name: pgpool-pgconf
configMap:
- name: {{ .Release.Name }}-pgpool-configmap
+ name: {{ include "common.fullname" . }}-pgpool-configmap
diff --git a/kubernetes/common/postgres/charts/pgpool/templates/service.yaml b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml
new file mode 100644
index 0000000000..86442a2740
--- /dev/null
+++ b/kubernetes/common/postgres/charts/pgpool/templates/service.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
diff --git a/kubernetes/common/pgpool/values.yaml b/kubernetes/common/postgres/charts/pgpool/values.yaml
index 8e7474203d..cb732b7cd7 100644
--- a/kubernetes/common/pgpool/values.yaml
+++ b/kubernetes/common/postgres/charts/pgpool/values.yaml
@@ -12,7 +12,23 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-name: pgpool
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ persistence: {}
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: crunchydata
+image: crunchy-pgpool:centos7-10.4-2.0.0
+pullPolicy: Always
+
container:
port: 5432
name:
@@ -21,8 +37,8 @@ container:
credentials:
pgusername: testuser
pgpassword: password
-serviceType: ClusterIP
-image:
- repository: crunchydata
- container: crunchy-pgpool
- tag: centos7-10.4-2.0.0
+service:
+ name: pgpool
+ type: ClusterIP
+ externalPort: 5432
+ internalPort: 5432
diff --git a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json
index 8e19b3172e..51f2acc8f5 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json
@@ -31,6 +31,20 @@
"timeout": "1s"
},
{
+ "id": "multicloud-pike",
+ "name": "Multicloud Pike Health Check",
+ "http": "http://multicloud-pike:9007/api/multicloud-pike/v0/swagger.json",
+ "method": "HEAD",
+ "header": {
+ "Cache-Control": ["no-cache"],
+ "Content-Type": ["application/json"],
+ "Accept": ["application/json"]
+ },
+ "tls_skip_verify": true,
+ "interval": "15s",
+ "timeout": "1s"
+ },
+ {
"id": "multicloud-vio",
"name": "Multicloud Vio Health Check",
"http": "http://multicloud-vio:9004/api/multicloud-vio/v0/swagger.json",
diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
index 52f8527a94..18632d1d39 100644
--- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml
@@ -60,6 +60,16 @@ postgres:
persistence:
mountSubPath: dcae/data
mountInitPath: dcae
+ pgpool:
+ nameOverride: dcae-pgpool
+ service:
+ name: dcae-pgpool
+ credentials:
+ pgpassword: onapdemodb
+ container:
+ name:
+ primary: dcae-pgpool-primary
+ replica: dcae-pgpool-replica
# application image
repository: nexus3.onap.org:10001
diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml
index a14b1b7c98..e79a693382 100644
--- a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml
+++ b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml
@@ -92,6 +92,17 @@ postgres:
persistence:
mountSubPath: dbc/data
mountInitPath: dbc
+ pgpool:
+ nameOverride: dbc-pgpool
+ service:
+ name: dbc-pgpool
+ credentials:
+ pgusername: dmaap_admin
+ pgpassword: onapdemodb
+ container:
+ name:
+ primary: dbc-pgpool-primary
+ replica: dbc-pgpool-replica
ingress:
enabled: false
diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml
index 9a48dbe64e..f8600b5825 100644
--- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml
+++ b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml
@@ -26,7 +26,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-node:latest
+image: onap/dmaap/datarouter-node:1.0.2
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml
index 855a64f913..dfdd38bfbf 100644
--- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml
+++ b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml
@@ -27,7 +27,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-prov:latest
+image: onap/dmaap/datarouter-prov:1.0.2
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/multicloud/charts/multicloud-azure/.helmignore b/kubernetes/multicloud/charts/multicloud-azure/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-azure/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.hello.props b/kubernetes/multicloud/charts/multicloud-azure/Chart.yaml
index eeacc1da94..d4b60c68b9 100644
--- a/kubernetes/aaf/resources/config/etc/org.osaaf.hello.props
+++ b/kubernetes/multicloud/charts/multicloud-azure/Chart.yaml
@@ -1,4 +1,5 @@
# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,12 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
-aaf_component=AAF_NS.hello:2.1.0.0
-port=8130
-cadi_registration_hostname={{.Values.config.helloServiceName}}
+apiVersion: v1
+description: ONAP multicloud Azure plugin
+name: multicloud-azure
+version: 3.0.0
diff --git a/kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml
new file mode 100644
index 0000000000..5e29829cc2
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-azure/resources/config/log/log.yml
@@ -0,0 +1,37 @@
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+version: 1
+disable_existing_loggers: False
+
+loggers:
+ vio:
+ handlers: [azure_handler]
+ level: "DEBUG"
+ propagate: False
+handlers:
+ vio_handler:
+ level: "DEBUG"
+ class: "logging.handlers.RotatingFileHandler"
+ filename: "/var/log/onap/multicloud/azure/azure.log"
+ formatter: "mdcFormat"
+ maxBytes: 52428800
+ backupCount: 10
+formatters:
+ standard:
+ format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
+ mdcFormat:
+ format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
+ mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
+ datefmt: "%Y-%m-%d %H:%M:%S"
+ (): onaplogging.mdcformatter.MDCFormatter
diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt
new file mode 100644
index 0000000000..befedf4578
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-azure/templates/NOTES.txt
@@ -0,0 +1,34 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml
new file mode 100644
index 0000000000..5d69f74dc1
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-azure/templates/configmap.yaml
@@ -0,0 +1,29 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml
new file mode 100644
index 0000000000..d850eba3c9
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-azure/templates/deployment.yaml
@@ -0,0 +1,110 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: multicloud-azure
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
+ spec:
+ containers:
+ - env:
+ - name: MSB_ADDR
+ value: "{{ .Values.config.msbgateway }}"
+ - name: MSB_PORT
+ value: "{{ .Values.config.msbPort }}.{{ include "common.namespace" . }}"
+ - name: AAI_ADDR
+ value: aai.{{ include "common.namespace" . }}
+ - name: AAI_PORT
+ value: "{{ .Values.config.aai.port }}"
+ - name: AAI_SCHEMA_VERSION
+ value: "{{ .Values.config.aai.schemaVersion }}"
+ - name: AAI_USERNAME
+ value: "{{ .Values.config.aai.username }}"
+ - name: AAI_PASSWORD
+ value: "{{ .Values.config.aai.password }}"
+ name: {{ include "common.name" . }}
+ volumeMounts:
+ - mountPath: /var/log/onap
+ name: azure-log
+ - mountPath: /opt/multicloud_azure/multicloud_azure/pub/config/log.yml
+ name: azure-logconfig
+ subPath: log.yml
+ resources:
+{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ httpGet:
+ path: /api/multicloud-azure/v0/swagger.json
+ port: {{ .Values.service.internalPort }}
+ scheme: HTTP
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
+ {{ end -}}
+ # side car containers
+ - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: filebeat-onap
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ - mountPath: /var/log/onap
+ name: azure-log
+ - mountPath: /usr/share/filebeat/data
+ name: azure-data-filebeat
+ volumes:
+ - name: azure-log
+ emptyDir: {}
+ - name: azure-data-filebeat
+ emptyDir: {}
+ - name: filebeat-conf
+ configMap:
+ name: multicloud-filebeat-configmap
+ - name: azure-logconfig
+ configMap:
+ name: {{ include "common.fullname" . }}-log-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ restartPolicy: Always
diff --git a/kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml
new file mode 100644
index 0000000000..b48aa6da7a
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-azure/templates/service.yaml
@@ -0,0 +1,53 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ msb.onap.org/service-info: '[
+ {
+ "serviceName": "multicloud-azure",
+ "version": "v0",
+ "url": "/api/multicloud-azure/v0",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
+ }
+ ]'
+spec:
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - name: {{ .Values.service.portName }}
+ port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ type: {{ .Values.service.type }}
diff --git a/kubernetes/multicloud/charts/multicloud-azure/values.yaml b/kubernetes/multicloud/charts/multicloud-azure/values.yaml
new file mode 100644
index 0000000000..7b9d9c7e4b
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-azure/values.yaml
@@ -0,0 +1,86 @@
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/multicloud/azure:1.2.0-SNAPSHOT
+pullPolicy: Always
+
+#Istio sidecar injection policy
+istioSidecar: true
+
+# application configuration
+config:
+ msbgateway: msb-iag
+ msbPort: 80
+ aai:
+ port: 8443
+ schemaVersion: v13
+ username: AAI
+ password: AAI
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 5
+ enabled: true
+
+service:
+ type: NodePort
+ portName: multicloud-azure
+ externalPort: 9008
+ internalPort: 9008
+ nodePort: 61
+
+ingress:
+ enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 4Gi
+ requests:
+ cpu: 10m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 2
+ memory: 8Gi
+ requests:
+ cpu: 20m
+ memory: 2Gi
diff --git a/kubernetes/multicloud/charts/multicloud-ocata/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-ocata/templates/service.yaml
index cbe426edae..fda5ecefc8 100644
--- a/kubernetes/multicloud/charts/multicloud-ocata/templates/service.yaml
+++ b/kubernetes/multicloud/charts/multicloud-ocata/templates/service.yaml
@@ -18,7 +18,7 @@
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.name }}
+ name: {{ include "common.servicename" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -34,18 +34,26 @@ metadata:
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
+ },
+ {
+ "serviceName": "multicloud-ocata",
+ "version": "v1",
+ "url": "/api/multicloud-ocata/v1",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
}
]'
spec:
ports:
{{if eq .Values.service.type "NodePort" -}}
- - name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPort }}
+ - port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: http-{{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml
index 699b908c43..dcb7df4568 100644
--- a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml
+++ b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml
@@ -59,6 +59,7 @@ liveness:
service:
type: NodePort
name: multicloud-ocata
+ portName: multicloud-ocata
externalPort: 9006
internalPort: 9006
nodePort: 93
@@ -84,4 +85,4 @@ resources:
requests:
cpu: 20m
memory: 2Gi
- unlimited: {} \ No newline at end of file
+ unlimited: {}
diff --git a/kubernetes/multicloud/charts/multicloud-pike/.helmignore b/kubernetes/multicloud/charts/multicloud-pike/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-pike/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-cs/templates/secret.yaml b/kubernetes/multicloud/charts/multicloud-pike/Chart.yaml
index 4ae60f17c9..cdcfb72f5e 100644
--- a/kubernetes/aaf/charts/aaf-cs/templates/secret.yaml
+++ b/kubernetes/multicloud/charts/multicloud-pike/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright (c) 2018 Intel Corporation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,10 +13,6 @@
# limitations under the License.
apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }}
+description: ONAP multicloud OpenStack Pike Plugin
+name: multicloud-pike
+version: 3.0.0
diff --git a/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml
new file mode 100644
index 0000000000..935d9ca62e
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-pike/resources/config/log/log.yml
@@ -0,0 +1,47 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+version: 1
+disable_existing_loggers: False
+
+loggers:
+ pike:
+ handlers: [pike_handler]
+ level: "DEBUG"
+ propagate: False
+ newton_base:
+ handlers: [pike_handler]
+ level: "DEBUG"
+ propagate: False
+ common:
+ handlers: [pike_handler]
+ level: "DEBUG"
+ propagate: False
+
+handlers:
+ pike_handler:
+ level: "DEBUG"
+ class: "logging.handlers.RotatingFileHandler"
+ filename: "/var/log/onap/multicloud/openstack/pike/pike.log"
+ formatter: "mdcFormat"
+ maxBytes: 1024*1024*50
+ backupCount: 10
+
+formatters:
+ standard:
+ format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
+ mdcFormat:
+ format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
+ mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
+ datefmt: "%Y-%m-%d %H:%M:%S"
+ (): onaplogging.mdcformatter.MDCFormatter
diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt
new file mode 100644
index 0000000000..7adeb620b5
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-pike/templates/NOTES.txt
@@ -0,0 +1,34 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml
new file mode 100644
index 0000000000..db636e7bca
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-pike/templates/configmap.yaml
@@ -0,0 +1,28 @@
+{{/*
+# Copyright (c) 2018 Intel Corporation.
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml
new file mode 100644
index 0000000000..a7c54444b0
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-pike/templates/deployment.yaml
@@ -0,0 +1,110 @@
+{{/*
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
+ spec:
+ containers:
+ - env:
+ - name: MSB_ADDR
+ value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
+ - name: MSB_PORT
+ value: "{{ .Values.config.msbPort }}"
+ - name: AAI_ADDR
+ value: aai.{{ include "common.namespace" . }}
+ - name: AAI_PORT
+ value: "{{ .Values.config.aai.port }}"
+ - name: AAI_SCHEMA_VERSION
+ value: "{{ .Values.config.aai.schemaVersion }}"
+ - name: AAI_USERNAME
+ value: "{{ .Values.config.aai.username }}"
+ - name: AAI_PASSWORD
+ value: "{{ .Values.config.aai.password }}"
+ name: {{ include "common.name" . }}
+ volumeMounts:
+ - mountPath: /var/log/onap
+ name: pike-log
+ - mountPath: /opt/pike/pike/pub/config/log.yml
+ name: pike-logconfig
+ subPath: log.yml
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ httpGet:
+ path: /api/multicloud-pike/v0/swagger.json
+ port: {{ .Values.service.internalPort }}
+ scheme: HTTP
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
+ {{ end }}
+ # side car containers
+ - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: filebeat-onap
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ - mountPath: /var/log/onap
+ name: pike-log
+ - mountPath: /usr/share/filebeat/data
+ name: pike-data-filebeat
+
+ volumes:
+ - name: pike-log
+ emptyDir: {}
+ - name: pike-data-filebeat
+ emptyDir: {}
+ - name: filebeat-conf
+ configMap:
+ name: multicloud-filebeat-configmap
+ - name: pike-logconfig
+ configMap:
+ name: {{ include "common.fullname" . }}-log-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ restartPolicy: Always
diff --git a/kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml
new file mode 100644
index 0000000000..7953b0d6d9
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-pike/templates/service.yaml
@@ -0,0 +1,61 @@
+{{/*
+# Copyright (c) 2018 Intel Corporation.
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ msb.onap.org/service-info: '[
+ {
+ "serviceName": "multicloud-pike",
+ "version": "v0",
+ "url": "/api/multicloud-pike/v0",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "multicloud-pike",
+ "version": "v1",
+ "url": "/api/multicloud-pike/v1",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
+ }
+ ]'
+
+spec:
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ type: {{ .Values.service.type }}
diff --git a/kubernetes/multicloud/charts/multicloud-pike/values.yaml b/kubernetes/multicloud/charts/multicloud-pike/values.yaml
new file mode 100644
index 0000000000..ee937ae2ac
--- /dev/null
+++ b/kubernetes/multicloud/charts/multicloud-pike/values.yaml
@@ -0,0 +1,87 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/multicloud/openstack-pike:1.2.0-STAGING
+pullPolicy: Always
+
+#Istio sidecar injection policy
+istioSidecar: true
+
+# application configuration
+config:
+ msbgateway: msb-iag
+ msbPort: 80
+ aai:
+ port: 8443
+ schemaVersion: v13
+ username: AAI
+ password: AAI
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 5
+ enabled: true
+
+service:
+ type: NodePort
+ name: multicloud-pike
+ portName: multicloud-pike
+ externalPort: 9007
+ internalPort: 9007
+ nodePort: 96
+
+ingress:
+ enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 4Gi
+ requests:
+ cpu: 10m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 2
+ memory: 8Gi
+ requests:
+ cpu: 20m
+ memory: 2Gi
+ unlimited: {}
diff --git a/kubernetes/multicloud/charts/multicloud-vio/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-vio/templates/service.yaml
index b53aef4bed..b34cbecb9d 100644
--- a/kubernetes/multicloud/charts/multicloud-vio/templates/service.yaml
+++ b/kubernetes/multicloud/charts/multicloud-vio/templates/service.yaml
@@ -18,7 +18,7 @@
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.name }}
+ name: {{ include "common.servicename" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -34,18 +34,26 @@ metadata:
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
+ },
+ {
+ "serviceName": "multicloud-vio",
+ "version": "v1",
+ "url": "/api/multicloud-vio/v1",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
}
]'
spec:
ports:
{{if eq .Values.service.type "NodePort" -}}
- - name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPort }}
+ - port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: http-{{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/multicloud/charts/multicloud-vio/values.yaml b/kubernetes/multicloud/charts/multicloud-vio/values.yaml
index 810646dc13..b23b014deb 100644
--- a/kubernetes/multicloud/charts/multicloud-vio/values.yaml
+++ b/kubernetes/multicloud/charts/multicloud-vio/values.yaml
@@ -59,6 +59,7 @@ liveness:
service:
type: NodePort
name: multicloud-vio
+ portName: multicloud-vio
externalPort: 9004
internalPort: 9004
nodePort: 92
@@ -84,4 +85,4 @@ resources:
requests:
cpu: 20m
memory: 2Gi
- unlimited: {} \ No newline at end of file
+ unlimited: {}
diff --git a/kubernetes/multicloud/charts/multicloud-windriver/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-windriver/templates/service.yaml
index f876bb97ac..c1128bbf47 100644
--- a/kubernetes/multicloud/charts/multicloud-windriver/templates/service.yaml
+++ b/kubernetes/multicloud/charts/multicloud-windriver/templates/service.yaml
@@ -18,7 +18,7 @@
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.name }}
+ name: {{ include "common.servicename" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -32,7 +32,7 @@ metadata:
"version": "v0",
"url": "/api/multicloud-titanium_cloud/v0",
"protocol": "REST",
- "port": "{{ .Values.service.internalPort }}",
+ "port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
},
{
@@ -40,7 +40,7 @@ metadata:
"version": "v0",
"url": "/api/multicloud-titaniumcloud/v0",
"protocol": "REST",
- "port": "{{ .Values.service.internalPort }}",
+ "port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
},
{
@@ -48,7 +48,7 @@ metadata:
"version": "v1",
"url": "/api/multicloud-titaniumcloud/v1",
"protocol": "REST",
- "port": "{{ .Values.service.internalPort }}",
+ "port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
}
]'
@@ -56,13 +56,13 @@ metadata:
spec:
ports:
{{ if eq .Values.service.type "NodePort" }}
- - name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPort }}
+ - port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{ else }}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: http-{{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{ end }}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml
index 4ebf84399f..913f682901 100644
--- a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml
+++ b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml
@@ -43,6 +43,7 @@ config:
service:
type: NodePort
name: multicloud-titaniumcloud
+ portName: multicloud-titaniumcloud
externalPort: 9005
internalPort: 9005
nodePort: 94
@@ -84,4 +85,4 @@ resources:
requests:
cpu: 20m
memory: 2Gi
- unlimited: {} \ No newline at end of file
+ unlimited: {}
diff --git a/kubernetes/multicloud/resources/config/provider-plugin.json b/kubernetes/multicloud/resources/config/provider-plugin.json
index 2f799e5cdb..2bc98943a5 100644
--- a/kubernetes/multicloud/resources/config/provider-plugin.json
+++ b/kubernetes/multicloud/resources/config/provider-plugin.json
@@ -7,6 +7,11 @@
"extra_info_hint": "",
"provider_plugin": "multicloud-titaniumcloud"
},
+ "pike": {
+ "version": "pike",
+ "extra_info_hint": "",
+ "provider_plugin": "multicloud-pike"
+ },
"ocata": {
"version": "ocata",
"extra_info_hint": "",
@@ -25,5 +30,16 @@
}
},
"provider_plugin": "multicloud-vio"
+ },
+ "azure": {
+ "vim_type": "azure",
+ "versions": {
+ "1.0": {
+ "version": "1.0",
+ "extra_info_hint": "",
+ "provider_plugin": "multicloud-azure"
+ }
+ },
+ "provider_plugin": "multicloud-azure"
}
}
diff --git a/kubernetes/multicloud/templates/service.yaml b/kubernetes/multicloud/templates/service.yaml
index 1ad3e5164c..e34bdf4502 100644
--- a/kubernetes/multicloud/templates/service.yaml
+++ b/kubernetes/multicloud/templates/service.yaml
@@ -18,7 +18,7 @@
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -34,18 +34,26 @@ metadata:
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
"visualRange": "1"
+ },
+ {
+ "serviceName": "multicloud",
+ "version": "v1",
+ "url": "/api/multicloud/v1",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
}
]'
spec:
ports:
{{if eq .Values.service.type "NodePort" -}}
- - name: {{ .Values.service.name }}
- port: {{ .Values.service.externalPort }}
+ - port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml
index 3f1da7eb0c..5756d9f616 100644
--- a/kubernetes/multicloud/values.yaml
+++ b/kubernetes/multicloud/values.yaml
@@ -63,6 +63,7 @@ liveness:
service:
type: NodePort
name: multicloud
+ portName: multicloud-framework
externalPort: 9001
internalPort: 9001
nodePort: 91
@@ -88,4 +89,4 @@ resources:
requests:
cpu: 20m
memory: 2Gi
- unlimited: {} \ No newline at end of file
+ unlimited: {}
diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml
index f904b4cece..89a3f4b280 100644
--- a/kubernetes/nbi/values.yaml
+++ b/kubernetes/nbi/values.yaml
@@ -28,7 +28,7 @@ subChartsOnly:
# application image
repository: nexus3.onap.org:10001
-image: onap/externalapi/nbi:3.0.0-latest
+image: onap/externalapi/nbi:3.0.1
pullPolicy: Always
sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
aai_authorization: Basic QUFJOkFBSQ==
diff --git a/kubernetes/policy/resources/config/pe/console.conf b/kubernetes/policy/resources/config/pe/console.conf
index 9cf8a29612..deb213e4b6 100644
--- a/kubernetes/policy/resources/config/pe/console.conf
+++ b/kubernetes/policy/resources/config/pe/console.conf
@@ -135,8 +135,8 @@ onap_application_name=
#-----------------------ONAP-PORTAL-Properties----------------------
-ONAP_REDIRECT_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/login.htm
-ONAP_REST_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/auxapi
+ONAP_REDIRECT_URL=https://portal-app.{{.Release.Namespace}}:30225/ONAPPORTAL/login.htm
+ONAP_REST_URL=https://portal-app:8443/ONAPPORTAL/auxapi
ONAP_UEB_URL_LIST=
ONAP_PORTAL_INBOX_NAME=
ONAP_UEB_APP_KEY=
diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore
deleted file mode 100644
index ff0f0d76a4..0000000000
--- a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks
new file mode 100644
index 0000000000..4b7e115d8c
--- /dev/null
+++ b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks
Binary files differ
diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12
new file mode 100644
index 0000000000..df2f4f6cd3
--- /dev/null
+++ b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12
Binary files differ
diff --git a/kubernetes/portal/charts/portal-app/resources/server/server.xml b/kubernetes/portal/charts/portal-app/resources/server/server.xml
index 09c2f8405f..c87e6c377a 100644
--- a/kubernetes/portal/charts/portal-app/resources/server/server.xml
+++ b/kubernetes/portal/charts/portal-app/resources/server/server.xml
@@ -89,7 +89,7 @@
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- keystoreFile="keystoreONAP.keystore" keystorePass="{{ .Values.global.keypass }}"
+ keystoreFile="{{.Values.global.keystoreFile}}" keystorePass="{{.Values.global.keypass}}"
clientAuth="false" sslProtocol="TLS" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
diff --git a/kubernetes/portal/charts/portal-app/templates/configmap.yaml b/kubernetes/portal/charts/portal-app/templates/configmap.yaml
index d4ef698f71..28de588aa0 100644
--- a/kubernetes/portal/charts/portal-app/templates/configmap.yaml
+++ b/kubernetes/portal/charts/portal-app/templates/configmap.yaml
@@ -25,4 +25,3 @@ metadata:
data:
{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/certs/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml
index 3fc2741556..fb9f35ba19 100644
--- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml
+++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml
@@ -59,11 +59,11 @@ spec:
- name: javax.net.ssl.keyStore
value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}
- name: javax.net.ssl.keyStorePassword
- value: {{ .Values.global.keypass }}
+ value: {{ .Values.global.trustpass }}
- name: javax.net.ssl.trustStore
value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}
- name: javax.net.ssl.trustStorePassword
- value: {{ .Values.global.keypass }}
+ value: {{ .Values.global.trustpass }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
@@ -106,10 +106,10 @@ spec:
- name: properties-onapportal
mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml"
subPath: server.xml
- - name: properties-onapportal
+ - name: authz-onapportal
mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}"
subPath: {{ .Values.global.keystoreFile}}
- - name: properties-onapportal
+ - name: authz-onapportal
mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}"
subPath: {{ .Values.global.truststoreFile}}
- name: var-log-onap
@@ -143,6 +143,9 @@ spec:
configMap:
name: {{ include "common.fullname" . }}-onapportal
defaultMode: 0755
+ - name: authz-onapportal
+ secret:
+ secretName: {{ include "common.fullname" . }}-authz-onapportal
- name: filebeat-conf
configMap:
name: portal-filebeat
diff --git a/kubernetes/aaf/resources/config/backup/cbackup.sh b/kubernetes/portal/charts/portal-app/templates/secret.yaml
index de918520c6..18f85c1698 100644
--- a/kubernetes/aaf/resources/config/backup/cbackup.sh
+++ b/kubernetes/portal/charts/portal-app/templates/secret.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,11 +12,16 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-cd /opt/app/cass_backup
-DATA="ns role perm ns_attrib user_role cred cert x509 delegate approval approved future notify artifact health history"
-PWD=cassandra
-CQLSH="cqlsh -u cassandra -k authz -p $PWD"
-for T in $DATA ; do
- echo "Creating $T.dat"
- $CQLSH -e "COPY authz.$T TO '$T.dat' WITH DELIMITER='|'"
-done
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-authz-onapportal
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql
index 1dcf0d8606..6b9e8a957c 100644
--- a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql
+++ b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql
@@ -1,41 +1,41 @@
-/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-*/
-
-USE portal;
-/*
-Any updates required by OOM to the portaldb are made here.
-1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP
-while the OOM K8s version has these service split up.
-*/
--- app_url is the FE, app_rest_endpoint is the BE
---portal-sdk => TODO: doesn't open a node port yet
-update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App';
---dmaap-bc => the dmaap-bc doesn't open a node port..
-update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';
---sdc-be => 8443:30204, 8080:30205
---sdc-fe => 8181:30206, 9443:30207
-update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC';
---pap => 8443:30219
-update fn_app set app_url = 'http://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'http://pap:8443/onap/api/v2' where app_name = 'Policy';
---vid => 8080:30200
-update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment';
---sparky => TODO: sparky doesn't open a node port yet
-update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI';
---cli => 8080:30260
-update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';
---msb-discovery => 10081:30281 this is clearly incorrect
-update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB';
+/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*/
+
+USE portal;
+/*
+Any updates required by OOM to the portaldb are made here.
+1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP
+while the OOM K8s version has these service split up.
+*/
+-- app_url is the FE, app_rest_endpoint is the BE
+--portal-sdk => TODO: doesn't open a node port yet
+update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8990/ONAPPORTALSDK/api/v2' where app_name = 'xDemo App';
+--dmaap-bc => the dmaap-bc doesn't open a node port..
+update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl';
+--sdc-be => 8443:30204, 8080:30205
+--sdc-fe => 8181:30206, 9443:30207
+update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v2' where app_name = 'SDC';
+--pap => 8443:30219
+update fn_app set app_url = 'https://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'https://pap:8443/onap/api/v2' where app_name = 'Policy';
+--vid => 8080:30200
+update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v2' where app_name = 'Virtual Infrastructure Deployment';
+--sparky => TODO: sparky doesn't open a node port yet
+update fn_app set app_url = 'http://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'http://aai-sparky-be.{{.Release.Namespace}}:9517/api/v2' where app_name = 'A&AI UI';
+--cli => 8080:30260
+update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI';
+--msb-discovery => 10081:30281 this is clearly incorrect
+update fn_app set app_url = 'http://{{.Values.config.msbDiscoveryHostName}}:{{.Values.config.msbDiscoveryPort}}/iui/microservices/default.html' where app_name = 'MSB';
diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml
index ecb7d5ecf6..14d35098a6 100644
--- a/kubernetes/portal/values.yaml
+++ b/kubernetes/portal/values.yaml
@@ -20,9 +20,10 @@ global:
portalPort: "8989"
# application's front end hostname. Must be resolvable on the client side environment
portalHostName: "portal.api.simpledemo.onap.org"
- keystoreFile: "keystoreONAP.keystore"
- truststoreFile: "keystoreONAPall.jks"
- keypass: "changeit"
+ keystoreFile: "keystoreONAPPortal.p12"
+ truststoreFile: "truststoreONAPall.jks"
+ keypass: ",@{9!OOv%HO@#c+0Z}axu!xV"
+ trustpass: "changeit"
config:
logstashServiceName: log-ls
diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
index ad09e444d8..f459e9d1b7 100644
--- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
@@ -37,8 +37,8 @@ GLOBAL_ASDC_BE_ONBOARD_PORT = "8081"
GLOBAL_ASDC_BE_USERNAME = "beep"
GLOBAL_ASDC_BE_PASSWORD = "boop"
# clamp info - everything is from the private oam network (also called onap private network)
-GLOBAL_CLAMP_SERVER_PROTOCOL = "http"
-GLOBAL_CLAMP_SERVER_PORT = "8080"
+GLOBAL_CLAMP_SERVER_PROTOCOL = "https"
+GLOBAL_CLAMP_SERVER_PORT = "8443"
# nbi info - everything is from the private oam network (also called onap private network)
GLOBAL_NBI_SERVER_PROTOCOL = "http"
GLOBAL_NBI_SERVER_PORT = "8080"
@@ -147,4 +147,3 @@ GLOBAL_PROXY_WARNING_CONTINUE_XPATH=""
GLOBAL_DNS_TRAFFIC_DURATION = "600"
# location where heat templates are loaded from
GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/OpenECOMP_ETE/demo/heat"
-
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index fb920574c5..7fb9885596 100755
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -112,14 +112,14 @@ resources:
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 180
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 180
periodSeconds: 10
service:
diff --git a/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties b/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties
index eb17d09882..3a6b5a08f0 100644
--- a/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties
+++ b/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties
@@ -18,18 +18,18 @@
# Configuration file for SDNC Controller Module
#
-org.onap.ccsdk.features.rest.adaptors.envtype=solo
+org.onap.ccsdk.features.blueprints.adaptors.envtype=solo
# Config Generator Microservices
-org.onap.ccsdk.features.rest.adaptors.modelservice.type=generic
-org.onap.ccsdk.features.rest.adaptors.modelservice.enable=true
-org.onap.ccsdk.features.rest.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/
-org.onap.ccsdk.features.rest.adaptors.modelservice.user=ccsdkapps
-org.onap.ccsdk.features.rest.adaptors.modelservice.passwd=ccsdkapps
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.type=generic
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.enable=true
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.user=ccsdkapps
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.passwd=ccsdkapps
# Generic RESTCONF Adaptor
-org.onap.ccsdk.features.rest.adaptors.restconf.type=generic
-org.onap.ccsdk.features.rest.adaptors.restconf.enable=true
-org.onap.ccsdk.features.rest.adaptors.restconf.user=admin
-org.onap.ccsdk.features.rest.adaptors.restconf.passwd={{ .Values.config.odlPassword}}
-org.onap.ccsdk.features.rest.adaptors.restconf.url=http://sdnc:8282/restconf/
+org.onap.ccsdk.features.blueprints.adaptors.restconf.type=generic
+org.onap.ccsdk.features.blueprints.adaptors.restconf.enable=true
+org.onap.ccsdk.features.blueprints.adaptors.restconf.user=admin
+org.onap.ccsdk.features.blueprints.adaptors.restconf.passwd={{ .Values.config.odlPassword}}
+org.onap.ccsdk.features.blueprints.adaptors.restconf.url=http://sdnc:8282/restconf/
diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
index 7bab7fbbac..19c6028202 100755
--- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -68,12 +68,12 @@ mso:
vnf:
endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAdapter
rest:
- endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/vnfs/v1/vnfs
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/v1/vnfs
volume-groups:
rest:
endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}g:8087/services/rest/v1/volume-groups
vnf-async:
- endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAsyncAdapter
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAsync
bpmn:
process:
historyTimeToLive: '30'
@@ -212,13 +212,13 @@ mso:
callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService
vnfadapter:
create:
- callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
delete:
- callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
query:
- callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
rollback:
- callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/VNFAdaptercallback
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
global:
dmaap:
username: testuser
diff --git a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml
index 601cd49eae..bdf82b6fbd 100755
--- a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml
@@ -26,26 +26,6 @@ mso:
db:
auth: Basic YnBlbDpwYXNzd29yZDEk
spring:
- datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
- driver-class-name: org.mariadb.jdbc.Driver
- initialize: false
- initialization-mode: never
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
- jpa:
- generate-ddl: false
- show-sql: false
- hibernate:
- ddl-auto: validate
- naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
- enable-lazy-load-no-trans: true
- database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
security:
usercredentials:
-
@@ -59,8 +39,3 @@ spring:
#Actuator
management:
context-path: /manage
-flyway:
- baseline-on-migrate: true
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
diff --git a/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml
new file mode 100644
index 0000000000..c7e958c5a9
--- /dev/null
+++ b/kubernetes/so/charts/so-monitoring/resources/config/overrides/override.yaml
@@ -0,0 +1,17 @@
+server:
+ port: 8088
+ tomcat:
+ max-threads: 50
+ssl-enable: false
+camunda:
+ rest:
+ api:
+ url: http://bpmn-infra.{{ include "common.namespace" . }}:8081/engine-rest/engine/
+ engine: default
+ auth: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==
+mso:
+ database:
+ rest:
+ api:
+ url: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/infraActiveRequests/
+ auth: Basic YnBlbDpwYXNzd29yZDEk
diff --git a/kubernetes/so/charts/so-monitoring/templates/configmap.yaml b/kubernetes/so/charts/so-monitoring/templates/configmap.yaml
index f7860108d8..489d5f48fc 100644
--- a/kubernetes/so/charts/so-monitoring/templates/configmap.yaml
+++ b/kubernetes/so/charts/so-monitoring/templates/configmap.yaml
@@ -24,3 +24,21 @@ kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-app-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/so/charts/so-monitoring/templates/deployment.yaml b/kubernetes/so/charts/so-monitoring/templates/deployment.yaml
index 595def5571..e11e404e8d 100644
--- a/kubernetes/so/charts/so-monitoring/templates/deployment.yaml
+++ b/kubernetes/so/charts/so-monitoring/templates/deployment.yaml
@@ -71,7 +71,7 @@ spec:
key: mariadb.readwrite.rolename
- name: DB_PASSWORD
valueFrom:
- secretKeyRef:
+ secretKeyRef:
name: {{ .Release.Name}}-so-db-secrets
key: mariadb.readwrite.password
- name: DB_ADMIN_USERNAME
@@ -84,26 +84,6 @@ spec:
secretKeyRef:
name: {{ .Release.Name}}-so-db-secrets
key: mariadb.admin.password
- - name: CADI_KEYSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ .Release.Name}}-so-ssl-pwd-secret
- key: cadi_keystore_password
- - name: CADI_TRUSTSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ .Release.Name}}-so-ssl-pwd-secret
- key: cadi_truststore_password
- - name: MSO_KEYSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ .Release.Name}}-so-ssl-client-secret
- key: keystore_password
- - name: MSO_TRUSTSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ .Release.Name}}-so-ssl-client-secret
- key: truststore_password
envFrom:
- configMapRef:
name: {{ include "common.fullname" . }}-configmap
@@ -111,9 +91,6 @@ spec:
volumeMounts:
- name: logs
mountPath: /app/logs
- - name: certs
- mountPath: /app/certs/
- readOnly: true
- name: config
mountPath: /app/config
readOnly: true
@@ -137,9 +114,6 @@ spec:
volumes:
- name: logs
emptyDir: {}
- - name: certs
- secret:
- secretName: {{ .Release.Name}}-so-ssl-secret
- name: config
configMap:
name: {{ include "common.fullname" . }}-app-configmap
diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
index 1cdda917aa..615988066a 100755
--- a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
@@ -120,13 +120,13 @@ org:
bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
sdncauth: 263f7d5f944d4d0c76db74b4148bec67d0bc796a874bc0d2a2a12aae89a866aa69133f700f391f784719a37f6a68d29bf5a2fbae1dab0402db7788c800c5ba73
sdncconnecttime: 5000
- sdncurl10: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:'
- sdncurl11: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:'
- sdncurl12: http://sdnc.{{ include "common.namespace" . }}:8282/
- sdncurl5: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config
- sdncurl6: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
- sdncurl8: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
- sdncurl9: http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation
+ sdncurl10: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:'
+ sdncurl11: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:'
+ sdncurl12: 'http://sdnc.{{ include "common.namespace" . }}:8282/'
+ sdncurl5: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config'
+ sdncurl6: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
+ sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
+ sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation'
service:
infra:
service-topology-infra-activate-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml
index b9b90166f2..067b3c57c0 100644
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -53,6 +53,17 @@ postgres:
pgPrimaryPassword: postgres
pgUserPassword: postgres
pgRootPassword: postgres
+ pgpool:
+ nameOverride: vnfsdk-pgpool
+ service:
+ name: vnfsdk-pgpool
+ credentials:
+ pgusername: postgres
+ pgpassword: postgres
+ container:
+ name:
+ primary: pgpool-primary
+ replica: pgpool-replica
# flag to enable debugging - application support required
debugEnabled: false