diff options
34 files changed, 2635 insertions, 251 deletions
diff --git a/kubernetes/sdc/Chart.yaml b/kubernetes/sdc/Chart.yaml index e137297e19..e455d793e6 100644 --- a/kubernetes/sdc/Chart.yaml +++ b/kubernetes/sdc/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: Service Design and Creation Umbrella Helm charts name: sdc -version: 13.0.2 +version: 13.0.3 dependencies: - name: common diff --git a/kubernetes/sdc/components/sdc-be/Chart.yaml b/kubernetes/sdc/components/sdc-be/Chart.yaml index b59c655fa3..a17a9d3b00 100644 --- a/kubernetes/sdc/components/sdc-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-be/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: ONAP Service Design and Creation Backend API name: sdc-be -version: 13.0.1 +version: 13.0.2 dependencies: - name: common diff --git a/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/configuration.yaml b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/configuration.yaml new file mode 100644 index 0000000000..8103700bd9 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/configuration.yaml @@ -0,0 +1,1253 @@ +identificationHeaderFields: + - HTTP_IV_USER + - HTTP_CSP_FIRSTNAME + - HTTP_CSP_LASTNAME + - HTTP_IV_REMOTE_ADDRESS + - HTTP_CSP_WSTYPE + + +# catalog backend hostname +beFqdn: {{ .Values.beFqdn }} + +# catalog backend http port +beHttpPort: {{ .Values.beHttpPort }} + +# catalog backend http context +beContext: /sdc/rest/config/get + +# catalog backend protocol +beProtocol: http + +tlsCert: {{ .Values.tlsCert }} +tlsKey: {{ .Values.tlsKey }} +caCert: {{ .Values.caCert }} + +# catalog backend ssl port +beSslPort: {{ .Values.beSslPort }} +version: 1.1.0 +released: 2012-11-30 +toscaConformanceLevel: 11.0 +minToscaConformanceLevel: 3.0 + +janusGraphCfgFile: {{ .Values.janusGraphCfgFile }} +janusGraphInMemoryGraph: false +janusGraphLockTimeout: 1800 +#startup: connect to JanusGraph DB when it is down during ASDC--More-- (2% of 27930 bytes) +janusGraphReconnectIntervalInSeconds: 3 + +# The read timeout towards JanusGraph DB when health check is invoked: +janusGraphHealthCheckReadTimeout: 1 + + #startup: connect to Elasticsearch when it is down during ASDC--More-- (3% of 27930 bytes) + +uebHealthCheckReconnectIntervalInSeconds: 15 +uebHealthCheckReadTimeout: 4 + +# Protocols +protocols: + - http + - https + +# Default imports +defaultImports: + - nodes: + file: nodes.yml + - datatypes: + file: data.yml + - capabilities: + file: capabilities.yml + - relationships: + file: relationships.yml + - groups: + file: groups.yml + - policies: + file: policies.yml + - annotations: + file: annotations.yml + +# Global CSAR Import Files +globalCsarImports: + - annotations.yml + - artifacts.yml + - capabilities.yml + - data.yml + - groups.yml + - interfaces.yml + - nodes.yml + - policies.yml + - relationships.yml + +# Users +users: + tom: passwd + bob: passwd + +basicAuth: + enabled: {{ .Values.basicAuthConfig.enabled }} + userName: {{ .Values.basicAuth.userName }} + userPass: {{ .Values.basicAuth.userPass }} + excludedUrls: "/sdc2/rest/healthCheck" + + +cassandraConfig: + cassandraHosts: [{{ .Values.cassandra.hostname }}] + cassandraPort: {{ .Values.cassandra.port }} + localDataCenter: {{ .Values.cassandra.datacenterName }} + reconnectTimeout : 30000 + socketReadTimeout: {{ .Values.cassandraConfig.socketReadTimeout }} + socketConnectTimeout: {{ .Values.cassandraConfig.socketConnectTimeout }} + authenticate: true + username: {{ .Values.cassandra.cassandraUsername }} + password: {{ .Values.cassandra.cassandraPassword }} + ssl: {{ .Values.cassandraConfig.ssl }} + keystorePath: {{ .Values.cassandraConfig.keystorePath }} + keystorePassword: {{ .Values.cassandraConfig.keystorePassword }} + truststorePath: {{ .Values.cassandraConfig.truststorePath }} + truststorePassword: {{ .Values.cassandraConfig.truststorePassword }} + keySpaces: + - { name: dox, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} + - { name: sdcaudit, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} + - { name: sdcartifact, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} + - { name: sdccomponent, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} + - { name: sdcrepository, replicationStrategy: NetworkTopologyStrategy, replicationInfo: [{{ if .Values.pairEnvName }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}','{{ .Values.cassandra.clusterName }}{{ .Values.pairEnvName }}','{{ .Values.cassandra.replicationFactor }}'{{ else }}'{{ .Values.cassandra.datacenterName }}','{{ .Values.cassandra.replicationFactor }}'{{ end }}]} +licenseTypes: + - User + - Installation + - CPU + +#Deployment artifacts placeHolder +resourceTypes: &allResourceTypes + - VFC + - CP + - VL + - VF + - CR + - VFCMT + - Abstract + - CVFC + - Configuration + - ServiceProxy + - PNF + +componentAllowedInstanceTypes: + Resource: + VF: + - VFC + - VF + - CR + - CP + - PNF + - CVFC + - VL + - Configuration + - ServiceProxy + - Abstract + CVFC: + - VFC + - VF + - CR + - CP + - PNF + - CVFC + - VL + - ServiceProxy + - Abstract + PNF: + - VF + - CR + - CP + - PNF + - CVFC + - VL + - Configuration + - ServiceProxy + - Abstract + CR: + - VF + - CR + - CP + - PNF + - CVFC + - VL + - Configuration + - ServiceProxy + - Abstract + VL: + - VL + Service: + "*": + - VF + - VFC + - CR + - CP + - PNF + - CVFC + - VL + - Configuration + - ServiceProxy + - Abstract + +artifacts: + - type: CONTROLLER_BLUEPRINT_ARCHIVE + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - zip + - type: HELM + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - tgz + - type: YANG_XML + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - SERVICE + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: VNF_CATALOG + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: MODEL_INVENTORY_PROFILE + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: MODEL_QUERY_SPEC + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: UCPE_LAYER_2_CONFIGURATION + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + #AAI Artifacts + - type: AAI_SERVICE_MODEL + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: AAI_VF_MODULE_MODEL + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + - type: AAI_VF_INSTANCE_MODEL + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: + acceptedTypes: + - xml + #Plan + - type: PLAN + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: + - VF + - VFC + acceptedTypes: + - xml + - type: WORKFLOW + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - RESOURCE + resourceTypes: + - VFC + - CP + - VL + - VF + - CR + - VFCMT + - Abstract + - CVFC + - PNF + acceptedTypes: + - type: HEAT + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - yaml + - yml + - type: HEAT_VOL + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - yaml + - yml + - type: HEAT_NET + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - yaml + - yml + - type: HEAT_NESTED + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - yaml + - yml + - type: HEAT_ARTIFACT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - zip + - tgz + - csar + - type: VNF_CATALOG + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: VF_LICENSE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: VENDOR_LICENSE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: MODEL_INVENTORY_PROFILE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: MODEL_QUERY_SPEC + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - xml + - type: LIFECYCLE_OPERATIONS + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFC + acceptedTypes: + - yaml + - yml + - type: VES_EVENTS + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: + - VFC + - CP + - VL + - VF + - CR + - VFCMT + - Abstract + - CVFC + - PNF + acceptedTypes: + - yaml + - yml + - type: PERFORMANCE_COUNTER + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: *allResourceTypes + acceptedTypes: + - csv + - type: APPC_CONFIG + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + acceptedTypes: + - type: DCAE_TOSCA + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - yml + - yaml + - type: DCAE_JSON + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - json + - type: DCAE_POLICY + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - emf + - type: DCAE_DOC + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - type: DCAE_EVENT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFCMT + acceptedTypes: + - type: AAI_VF_MODEL + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + acceptedTypes: + - xml + - type: AAI_VF_MODULE_MODEL + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + acceptedTypes: + - xml + - type: OTHER + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: + - VFC + - CVFC + - CP + - VL + - VF + - VFCMT + - Abstract + - PNF + acceptedTypes: + - type: SNMP_POLL + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: SNMP_TRAP + categories: + - DEPLOYMENT + - INFORMATIONAL + componentTypes: + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: PM_DICTIONARY + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - yaml + - yml + - type: YANG_MODULE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - yang + - type: ANSIBLE_PLAYBOOK + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - yaml + - yml + - type: ONBOARDED_PACKAGE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - csar + - zip + - type: ETSI_PACKAGE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - csar + - zip + - type: ASD_PACKAGE + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE + resourceTypes: + - VF + - PNF + acceptedTypes: + - csar + - zip + - type: HEAT_ENV + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - env + - type: VF_MODULES_METADATA + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - json + - type: DCAE_INVENTORY_TOSCA + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - yml + - yaml + - type: DCAE_INVENTORY_JSON + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - json + - type: DCAE_INVENTORY_POLICY + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - emf + - type: DCAE_INVENTORY_DOC + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - type: DCAE_INVENTORY_BLUEPRINT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - type: DCAE_INVENTORY_EVENT + categories: + - DEPLOYMENT + componentTypes: + - RESOURCE_INSTANCE + resourceTypes: + acceptedTypes: + - type: CHEF + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: PUPPET + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: SHELL + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: YANG + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: BPEL + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: DG_XML + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: MURANO_PKG + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: PNF_SW_INFORMATION + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: + - PNF + acceptedTypes: + - yaml + - yml + - type: GUIDE + categories: + - INFORMATIONAL + componentTypes: + - RESOURCE + resourceTypes: + - VF + - VFC + - CVFC + - PNF + acceptedTypes: + - yaml + - yml + - type: FLOW + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + resourceTypes: *allResourceTypes + acceptedTypes: + - type: SHELL_SCRIPT + categories: + - DEPLOYMENT + componentTypes: + - SERVICE + - SERVICE_INSTANCE + - RESOURCE + - RESOURCE_INSTANCE + resourceTypes: *allResourceTypes + acceptedTypes: + - sh + - type: TOSCA_CSAR + categories: + - TOSCA + componentTypes: + resourceTypes: + acceptedTypes: + - csar + - type: TOSCA_TEMPLATE + categories: + - TOSCA + componentTypes: + resourceTypes: + acceptedTypes: + - yml + - yaml + - type: NETWORK_CALL_FLOW + categories: + componentTypes: + resourceTypes: + acceptedTypes: + - type: ICON + categories: + componentTypes: + resourceTypes: + acceptedTypes: + +deploymentResourceArtifacts: + +deploymentResourceInstanceArtifacts: + heatEnv: + displayName: "HEAT ENV" + type: HEAT_ENV + description: "Auto-generated HEAT Environment deployment artifact" + fileExtension: "env" + VfHeatEnv: + displayName: "VF HEAT ENV" + type: HEAT_ENV + description: "VF Auto-generated HEAT Environment deployment artifact" + fileExtension: "env" + +#tosca artifacts placeholders +toscaArtifacts: + assetToscaTemplate: + artifactName: -template.yml + displayName: Tosca Template + type: TOSCA_TEMPLATE + description: TOSCA representation of the asset + assetToscaCsar: + artifactName: -csar.csar + displayName: Tosca Model + type: TOSCA_CSAR + description: TOSCA definition package of the asset + +#Informational artifacts placeHolder +excludeResourceCategory: + - Generic +excludeResourceType: + - PNF + - CR +informationalResourceArtifacts: + features: + displayName: Features + type: OTHER + capacity: + displayName: Capacity + type: OTHER + vendorTestResult: + displayName: Vendor Test Result + type: OTHER + testScripts: + displayName: Test Scripts + type: OTHER + CloudQuestionnaire: + displayName: Cloud Questionnaire (completed) + type: OTHER + HEATTemplateFromVendor: + displayName: HEAT Template from Vendor + type: HEAT + resourceSecurityTemplate: + displayName: Resource Security Template + type: OTHER + +excludeServiceCategory: + +informationalServiceArtifacts: + serviceArtifactPlan: + displayName: Service Artifact Plan + type: OTHER + summaryOfImpactsToECOMPElements: + displayName: Summary of impacts to ECOMP elements,OSSs, BSSs + type: OTHER + automationCompositionFunctions: + displayName: Automation Composition Functions + type: OTHER + dimensioningInfo: + displayName: Dimensioning Info + type: OTHER + affinityRules: + displayName: Affinity Rules + type: OTHER + operationalPolicies: + displayName: Operational Policies + type: OTHER + serviceSpecificPolicies: + displayName: Service-specific Policies + type: OTHER + engineeringRules: + displayName: Engineering Rules (ERD) + type: OTHER + distributionInstructions: + displayName: Distribution Instructions + type: OTHER + certificationTestResults: + displayName: TD Certification Test Results + type: OTHER + deploymentVotingRecord: + displayName: Deployment Voting Record + type: OTHER + serviceQuestionnaire: + displayName: Service Questionnaire + type: OTHER + serviceSecurityTemplate: + displayName: Service Security Template + type: OTHER + +serviceApiArtifacts: + configuration: + displayName: Configuration + type: OTHER + instantiation: + displayName: Instantiation + type: OTHER + monitoring: + displayName: Monitoring + type: OTHER + reporting: + displayName: Reporting + type: OTHER + logging: + displayName: Logging + type: OTHER + testing: + displayName: Testing + type: OTHER + +additionalInformationMaxNumberOfKeys: 50 + +systemMonitoring: + enabled: false + isProxy: false + probeIntervalInSeconds: 15 +heatArtifactDeploymentTimeout: + defaultMinutes: 30 + minMinutes: 1 + maxMinutes: 120 + +unLoggedUrls: + - /sdc2/rest/monitoring + - /sdc2/rest/healthCheck + +cleanComponentsConfiguration: + cleanIntervalInMinutes: 1440 + componentsToClean: + - Resource + - Service + +artifactsIndex: resources + +heatEnvArtifactHeader: "" +heatEnvArtifactFooter: "" + +onboarding: + host: {{ .Values.ONBOARDING_BE.host }} + protocol: {{ if .Values.disableHttp }}https{{ else }}http{{ end }} + port: {{ if .Values.disableHttp }}{{ .Values.ONBOARDING_BE.httpsPort }}{{ else }}{{ .Values.ONBOARDING_BE.httpPort }}{{ end }} + getVspPackageUri: "/onboarding-api/v1.0/vendor-software-products/packages/%s?versionId=%s" # /onboarding-api/v1.0/vendor-software-products/packages/:vspId?versionId=:vspVersionId + getLatestVspPackageUri: "/onboarding-api/v1.0/vendor-software-products/packages/%s" # /onboarding-api/v1.0/vendor-software-products/packages/:vspId + getVspUri: "/onboarding-api/v1.0/vendor-software-products/%s/versions/%s" # /onboarding-api/v1.0/vendor-software-products/:vspId/versions/:vspVersionId + getLatestVspUri: "/onboarding-api/v1.0/vendor-software-products/%s" # /onboarding-api/v1.0/vendor-software-products/:vspId + healthCheckUri: "/onboarding-api/v1.0/healthcheck" + +# #GSS IDNS +switchoverDetector: + gBeFqdn: + gFeFqdn: + beVip: 1.2.3.4 + feVip: 1.2.3.4 + beResolveAttempts: 3 + feResolveAttempts: 3 + enabled: false + interval: 60 + changePriorityUser: ecompasdc + changePriorityPassword: ecompasdc123 + publishNetworkUrl: + publishNetworkBody: '{"note":"comment"}' + groups: + beSet: { changePriorityUrl: "", changePriorityBody: '{"name":"","uri":"","no_ad_redirection":false,"v4groups":{"failover_groups":["","","failover_policy":["FAILALL"]},"comment":"","intended_app_proto":"DNS"}'} + feSet: { changePriorityUrl: "", changePriorityBody: '{"name":"","uri":"","no_ad_redirection":false,"v4groups":{"failover_groups":["",""],"failover_policy":["FAILALL"]},"comment":"","intended_app_proto":"DNS"}'} +applicationL1Cache: + datatypes: + enabled: true + firstRunDelay: 10 + pollIntervalInSec: 60 + +applicationL2Cache: + enabled: false + catalogL1Cache: + enabled: false + resourcesSizeInCache: 300 + servicesSizeInCache: 200 + productsSizeInCache: 100 + queue: + syncIntervalInSecondes: 43200 + waitOnShutDownInMinutes: 10 + numberOfCacheWorkers: 4 + +toscaValidators: + stringMaxLength: 2500 + +disableAudit: false + +vfModuleProperties: + min_vf_module_instances: + forBaseModule: 1 + forNonBaseModule: 0 + max_vf_module_instances: + forBaseModule: 1 + forNonBaseModule: + initial_count: + forBaseModule: 1 + forNonBaseModule: 0 + vf_module_type: + forBaseModule: Base + forNonBaseModule: Expansion + +genericAssetNodeTypes: + VFC: org.openecomp.resource.abstract.nodes.VFC + CVFC: org.openecomp.resource.abstract.nodes.VFC + VF : org.openecomp.resource.abstract.nodes.VF + CR : org.openecomp.resource.abstract.nodes.CR + PNF: org.openecomp.resource.abstract.nodes.PNF + Service: org.openecomp.resource.abstract.nodes.service + ETSI NFV Network Service: tosca.nodes.nfv.NS + +# Defines the base types for Services +# <category name>: +# required: <boolean> //if the base type is mandatory or not +# baseTypes: <list of TOSCA types> //the base types. Required if the base type is required. +# If not provided, the category will have no base type. +serviceBaseNodeTypes: + ETSI NFV Network Service: + required: true + baseTypes: + - tosca.nodes.nfv.NS + AutomationComposition: + required: false + +workloadContext: Production + +environmentContext: + defaultValue: General_Revenue-Bearing + validValues: + - Critical_Revenue-Bearing + - Vital_Revenue-Bearing + - Essential_Revenue-Bearing + - Important_Revenue-Bearing + - Needed_Revenue-Bearing + - Useful_Revenue-Bearing + - General_Revenue-Bearing + - Critical_Non-Revenue + - Vital_Non-Revenue + - Essential_Non-Revenue + - Important_Non-Revenue + - Needed_Non-Revenue + - Useful_Non-Revenue + - General_Non-Revenue + +gabConfig: + - artifactType: 'VES_EVENTS' + pathsAndNamesDefinitions: + - + friendlyName: "Action" + path: "event.action[2]" + searchable: true + - + friendlyName: "Comment" + path: "event.comment" + searchable: true + - + friendlyName: "Alarm Additional Information" + path: "event.structure.faultFields.structure.alarmAdditionalInformation.comment" + searchable: true + - artifactType: 'PM_DICTIONARY' + pathsAndNamesDefinitions: + - + friendlyName: "measType" + path: "pmMetaData.pmFields.measType" + searchable: true + - + friendlyName: "measDescription" + path: "pmMetaData.pmFields.measDescription" + searchable: true + - + friendlyName: "measCondition" + path: "pmMetaData.pmFields.measCondition" + searchable: false + - + friendlyName: "measResultUnits" + path: "pmMetaData.pmFields.measResultUnits" + searchable: false + - + friendlyName: "measResultRange" + path: "pmMetaData.pmFields.measResultRange" + searchable: false + - + friendlyName: "measObjClass" + path: "pmMetaData.pmFields.measObjClass" + searchable: true + - + friendlyName: "measCollectionMethod" + path: "pmMetaData.pmFields.measCollectionMethod" + searchable: false + - + friendlyName: "measInfoId" + path: "pmMetaData.pmFields.measInfoId" + searchable: true + - + friendlyName: "iMeasInfoId" + path: "pmMetaData.pmFields.iMeasInfoId" + searchable: false +dmaapConsumerConfiguration: + active: {{ .Values.dmaapConsumerConfiguration.active }} + hosts: localhost:3905 + consumerGroup: sdc + consumerId: mama + timeoutMs: 15000 + limit: 1 + pollingInterval: 2 + topic: topic + latitude: 32.109333 + longitude: 34.855499 + version: 1.0 + serviceName: localhost/events + environment: TEST + partner: BOT_R + routeOffer: MR1 + protocol: https + contenttype: application/json + dme2TraceOn: true + aftEnvironment: AFTUAT + aftDme2ConnectionTimeoutMs: 15000 + aftDme2RoundtripTimeoutMs: 240000 + aftDme2ReadTimeoutMs: 50000 + dme2preferredRouterFilePath: DME2preferredRouter.txt + timeLimitForNotificationHandleMs: 120000 + credential: + username: user + password: + aftDme2SslEnable: true + aftDme2ClientSslCertAlias: certman + +dmaapProducerConfiguration: + active: true + hosts: {{ .Values.dmaapProducerConfiguration.hosts }} + consumerGroup: sdc-{{ .Values.chefEnvironment }}-1730226683 + consumerId: sdc-{{ .Values.chefEnvironment }}1-1730226683 + timeoutMs: 15000 + limit: 1 + pollingInterval: 2 + topic: {{ .Values.dmaapProducerConfiguration.topic }} + latitude: 32.109333 + longitude: 34.855499 + version: 1.0 + serviceName: {{ .Values.dmaapProducerConfiguration.serviceName }} + environment: {{ .Values.dmaapProducerConfiguration.environment }} + partner: BOT_R + routeOffer: MR1 + protocol: {{ .Values.dmaapProducerConfiguration.protocol }} + contenttype: application/json + dme2TraceOn: true + aftEnvironment: {{ .Values.dmaapProducerConfiguration.aftEnvironment }} + aftDme2ConnectionTimeoutMs: 15000 + aftDme2RoundtripTimeoutMs: 240000 + aftDme2ReadTimeoutMs: 50000 + dme2preferredRouterFilePath: {{ .Values.dmaapProducerConfiguration.dme2preferredRouterFilePath }} + timeLimitForNotificationHandleMs: 120000 + credential: + username: {{ .Values.dmaapProducerConfiguration.username }} + password: {{ .Values.dmaapProducerConfiguration.password }} + aftDme2SslEnable: true + aftDme2ClientSslCertAlias: certman + +# ToDo: AF - had to remove due to configuration laod class failure +#dmeConfiguration: +# lookupUriFormat: "http://DME2RESOLVE/service=%s/version=1.0.0/envContext=%s/routeOffer=DEFAULT" +# dme2Search: DME2SEARCH +# dme2Resolve: DME2RESOLVE + +excludedPolicyTypesMapping: +# VF: +# - a.b.c +# - c.d.e +#CR: +# - x.y.z + +excludedGroupTypesMapping: + CR: + - org.openecomp.groups.VfModule + - org.openecomp.groups.heat.HeatStack + - org.openecomp.groups.Group + - tosca.groups.Root + PNF: + - org.openecomp.groups.VfModule + - org.openecomp.groups.heat.HeatStack + - org.openecomp.groups.Group + - tosca.groups.Root + VF: + - org.openecomp.groups.VfModule + - org.openecomp.groups.heat.HeatStack + - org.openecomp.groups.Group + - tosca.groups.Root + Service: + - org.openecomp.groups.VfModule + - org.openecomp.groups.heat.HeatStack + - org.openecomp.groups.Group + - tosca.groups.Root + +healthStatusExclude: + - DE + - DMAAP + - DMAAP_PRODUCER + - ON_BOARDING + - DCAE + - PORTAL + - External API + +#Auto Healing +enableAutoHealing: false +appVersion: {{ .Values.appVersion }} + +artifactGeneratorConfig: Artifact-Generator.properties +resourcesForUpgrade: + 8.0: + - org.openecomp.resource.cp.extCP + - tosca.nodes.network.Network + - tosca.nodes.network.Port + - org.openecomp.resource.cp.nodes.network.SubInterface +skipUpgradeFailedVfs: true +skipUpgradeVSPs: true +autoHealingOwner: jh0003 +supportAllottedResourcesAndProxy: true +deleteLockTimeoutInSeconds: 60 +maxDeleteComponents: 10 + +# This configuration entry lists all node type names prefix that shall be allowed on SDC. +definedResourceNamespace: + - org.openecomp.resource. + - org.onap.policy.clamp.acm. + - tosca.nodes. + +# This configuration entry lists all Directives values that shall be allowed on SDC. +directives: + - select + - selectable + - substitute + - substitutable + +externalCsarStore: + storageType: NONE # NONE, MINIO + endpoint: + host: 127.0.0.1 + port: 9000 + secure: false + credentials: + accessKey: "login" + secretKey: "password" + tempPath: "/home/onap/temp/" + uploadPartSize: 200000000 + +#This configuration specifies the delimiter used to differentiate instance name and count +componentInstanceCounterDelimiter: " " + +# Comma separated list of excluded URLs by the DataValidatorFilter +dataValidatorFilterExcludedUrls: "/healthCheck,/followed,/authorize" + +#Space separated list of permitted ancestors +permittedAncestors: {{ .Values.permittedAncestors }} diff --git a/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/distribution-engine-configuration.yaml b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/distribution-engine-configuration.yaml new file mode 100644 index 0000000000..f096b13fcc --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/distribution-engine-configuration.yaml @@ -0,0 +1,84 @@ +uebServers: + - no-message-router.onap + - no-message-router.onap + +uebPublicKey: {{ .Values.uebPublicKey }} +uebSecretKey: {{ .Values.uebSecretKey }} + +distributionNotifTopicName: {{ if .Values.distributionNotifTopicName }}{{ .Values.distributionNotifTopicName }}{{- else }}SDC-DISTR-NOTIF-TOPIC{{- end }} + +distributionStatusTopicName: {{ if .Values.distributionStatusTopicName }}{{ .Values.distributionStatusTopicName }}{{- else }}SDC-DISTR-STATUS-TOPIC{{- end }} + +kafkaBootStrapServers: {{ .Values.kafkaBootStrapServers }} + +initRetryIntervalSec: 5 +initMaxIntervalSec: 60 + +distribNotifServiceArtifactTypes: + info: + - MURANO-PKG + +distribNotifResourceArtifactTypes: + lifecycle: + - HEAT + - DG-XML + +environments: + - {{ .Values.chefEnvironment }} + +distributionStatusTopic: + pollingIntervalSec: 60 + fetchTimeSec: 15 + consumerGroup: sdc-{{ .Values.chefEnvironment }} + consumerId: sdc-{{ .Values.chefEnvironment }}1 + + +distributionNotificationTopic: + minThreadPoolSize: 0 + maxThreadPoolSize: 10 + maxWaitingAfterSendingSeconds: 5 + +createTopic: + partitionCount: 1 + replicationCount: 1 + +startDistributionEngine: true + +#This is false by default, since ONAP Dmaap currently doesn't support https +useHttpsWithDmaap: false +opEnvRecoveryIntervalSec: 180 +allowedTimeBeforeStaleSec: 300 + +aaiConfig: + httpRequestConfig: + serverRootUrl: https://localhost:8443 + resourceNamespaces: + operationalEnvironments: /aai/v12/cloud-infrastructure/operational-environments + + httpClientConfig: + timeouts: + readTimeoutMs: 5000 + connectTimeoutMs: 1000 + clientCertificate: + keyStore: /app/jetty/base/be/etc/non-prod.jks + keyStorePassword: hmXYcznAljMSisdy8zgcag== + headers: + X-FromAppId: asdc + numOfRetries: 3 + +msoConfig: + httpRequestConfig: + serverRootUrl: http://127.0.0.1:8080/onap/mso/infra/modelDistributions/v1 + resourceNamespaces: + distributions: /distributions + + httpClientConfig: + timeouts: + readTimeoutMs: 2000 + connectTimeoutMs: 500 + basicAuthorization: + userName: asdc + password: OTLEp5lfVhYdyw5EAtTUBQ== + numOfRetries: 3 + +currentArtifactInstallationTimeout: 120 diff --git a/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/janusgraph.properties b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/janusgraph.properties new file mode 100644 index 0000000000..a08f7bd77a --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/catalog-be/janusgraph.properties @@ -0,0 +1,39 @@ +storage.backend=cql +storage.hostname={{ .Values.cassandra.hostname }} +storage.port={{ .Values.cassandra.port }} +storage.username={{ .Values.cassandra.cassandraUsername }} +storage.password={{ .Values.cassandra.cassandraPassword }} +storage.connection-timeout={{ .Values.cassandra.connectionTimeout }} +storage.cql.keyspace=sdctitan + +storage.cql.ssl.enabled={{ .Values.cassandra.cassandraSslEnabled }} +storage.cql.ssl.keystore.location={{ .Values.cassandra.keystoreLocation }} +storage.cql.ssl.keystore.password={{ .Values.cassandra.keystorePassword }} +storage.cql.ssl.truststore.location={{ .Values.cassandra.truststoreLocation }} +storage.cql.ssl.truststore.password={{ .Values.cassandra.truststorePassword }} + +storage.cql.read-consistency-level={{ .Values.cassandra.readConsistencyLevel }} +storage.cql.write-consistency-level={{ .Values.cassandra.writeConsistencyLevel }} +storage.cql.replication-strategy-class=NetworkTopologyStrategy + + +{{- $replicationStrategyOptions := "" -}} +{{- if .Values.pairEnvName | eq "" }} +{{- $replicationStrategyOptions = printf "%s,%d" .Values.cassandra.datacenterName (int .Values.cassandra.replicationFactor) -}} +{{- else }} +{{- $replicationStrategyOptions = printf "%s,%d,%s%s,%d" .Values.cassandra.datacenterName (int .Values.cassandra.replicationFactor) .Values.cassandra.cluster_name .Values.pairEnvName (int .Values.cassandra.replicationFactor) -}} +{{- end }} + +storage.cql.replication-strategy-options={{ $replicationStrategyOptions }} + +storage.cql.local-datacenter={{ .Values.cassandra.datacenterName }} + +cache.db-cache ={{ .Values.cassandra.db_cache }} +cache.db-cache-clean-wait = 20 +cache.db-cache-time = 180000 +cache.db-cache-size = 0.5 + +cache.tx-cache-size = 1000000 + +storage.lock.retries=5 +graph.replace-instance-if-exists=true diff --git a/kubernetes/sdc/components/sdc-be/resources/config/ready-probe.sh b/kubernetes/sdc/components/sdc-be/resources/config/ready-probe.sh new file mode 100644 index 0000000000..4bad479d91 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/ready-probe.sh @@ -0,0 +1,9 @@ +#!/bin/sh +health_check_http_code=$(curl -k --max-time 5 -o /dev/null -w '%{http_code}' {{ if .Values.global.disableHttp }}https://127.0.0.1:{{ .Values.beSslPort }}{{- else -}}http://127.0.0.1:{{ .Values.beHttpPort }}{{- end -}}/sdc2/rest/healthCheck) + +if [ "$health_check_http_code" -eq 200 ]; then + exit 0 +else + echo "Health check http status: $health_check_http_code" + exit 1 +fi diff --git a/kubernetes/sdc/components/sdc-be/resources/config/resource/key.properties b/kubernetes/sdc/components/sdc-be/resources/config/resource/key.properties new file mode 100644 index 0000000000..72fd2f6440 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/resource/key.properties @@ -0,0 +1,41 @@ +### +# ============LICENSE_START========================================== +# ONAP Portal SDK +# =================================================================== +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# +# Unless otherwise specified, all software contained herein is licensed +# under the Apache License, Version 2.0 (the ?License?); +# you may not use this software except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the ?License?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ============LICENSE_END============================================ +# +# +### + +# Properties read by the ECOMP Framework library (epsdk-fw) + +cipher.enc.key = AGLDdG4D04BKm2IxIWEr8o== diff --git a/kubernetes/sdc/components/sdc-be/resources/config/resource/portal.properties b/kubernetes/sdc/components/sdc-be/resources/config/resource/portal.properties new file mode 100644 index 0000000000..c3ba1b1aa0 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/resource/portal.properties @@ -0,0 +1,89 @@ +### +# ============LICENSE_START========================================== +# ONAP Portal SDK +# =================================================================== +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# +# Unless otherwise specified, all software contained herein is licensed +# under the Apache License, Version 2.0 (the ?License?); +# you may not use this software except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the ?License?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ============LICENSE_END============================================ +# +# +### +# Properties read by ECOMP Framework library, ecompFW.jar + +########################################################################## +# The following properties should NOT be changed by partner applications. +########################################################################## + +portal.api.prefix = /api +max.idle.time = 5 +user.attribute.name = user_attribute + +#Use REST API instead of UEB to fetch the functional menu data +use_rest_for_functional_menu=true + + +########################################################################## +# The following properties MUST be changed by partner applications. +########################################################################## + +# Name of java class that implements the OnBoardingApiService interface. +portal.api.impl.class = org.openecomp.sdc.be.ecomp.PortalRestApiCentralServiceImpl +role_access_centralized = remote + +# Cookie set by CSP-SSO +#csp_cookie_name = onapCsp + +# CSP setting, most use PROD; DEV also recognized +csp_gate_keeper_prod_key = PROD + +# URL of the Portal where this app is onboarded +ecomp_redirect_url = https://portal-app.onap:30225/ONAPPORTAL/login.htm + +# URL of the ECOMP Portal REST API +ecomp_rest_url = https://portal-app.onap:8443/ONAPPORTAL/auxapi + +# Connection and Read timeout values +ext_req_connection_timeout = 15000 +ext_req_read_timeout = 20000 + +# Name of java class that implements the OnBoardingApiService interface. +portal.api.impl.class = org.openecomp.sdc.be.ecomp.PortalRestApiCentralServiceImpl + +#Portal user & key +portal_app_name = Ipwxi2oLvDxctMA1royaRw1W0jhucLx+grHzci3ePIA= +portal_pass = j85yNhyIs7zKYbR1VlwEfNhS6b7Om4l0Gx5O8931sCI= +portal_user = Ipwxi2oLvDxctMA1royaRw1W0jhucLx+grHzci3ePIA= + + +# UEB key generated while on-boarding +ueb_app_key = "" + +# Applications do not need to run a UEB listener after 1607. +ueb_listeners_enable = false diff --git a/kubernetes/sdc/components/sdc-be/resources/config/start.d/http.ini b/kubernetes/sdc/components/sdc-be/resources/config/start.d/http.ini new file mode 100644 index 0000000000..e637e2378d --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/start.d/http.ini @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: http +--module=http + +### HTTP Connector Configuration + +## Connector host/address to bind to +# jetty.http.host=0.0.0.0 + +## Connector port to listen on +jetty.http.port= {{ .Values.jetty.httpPort }} + +## Connector idle timeout in milliseconds +jetty.http.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.http.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.http.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.http.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.http.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.http.acceptorPriorityDelta=0 diff --git a/kubernetes/sdc/components/sdc-be/resources/config/start.d/https.ini b/kubernetes/sdc/components/sdc-be/resources/config/start.d/https.ini new file mode 100644 index 0000000000..68c36e8c57 --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/start.d/https.ini @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: https +--module=https + +### HTTPS Connector Configuration + +## Connector host/address to bind to +# jetty.https.host=0.0.0.0 + +## Connector port to listen on +jetty.https.port={{ .Values.jetty.httpsPort }} + +## Connector idle timeout in milliseconds +jetty.https.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.https.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.https.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.https.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.https.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.https.acceptorPriorityDelta=0 diff --git a/kubernetes/sdc/components/sdc-be/resources/config/start.d/ssl.ini b/kubernetes/sdc/components/sdc-be/resources/config/start.d/ssl.ini new file mode 100644 index 0000000000..43941594de --- /dev/null +++ b/kubernetes/sdc/components/sdc-be/resources/config/start.d/ssl.ini @@ -0,0 +1,100 @@ +# --------------------------------------- +# Module: ssl +--module=ssl + +### TLS(SSL) Connector Configuration + +## Connector host/address to bind to +# jetty.ssl.host=0.0.0.0 + +## Connector port to listen on +jetty.ssl.port={{ .Values.jetty.httpsPort }} + +## Connector idle timeout in milliseconds +# jetty.ssl.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.ssl.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.ssl.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.ssl.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.ssl.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.ssl.acceptorPriorityDelta=0 + +## Whether request host names are checked to match any SNI names +# jetty.ssl.sniHostCheck=true + +## max age in seconds for a Strict-Transport-Security response header (default -1) +# jetty.ssl.stsMaxAgeSeconds=31536000 + +## include subdomain property in any Strict-Transport-Security header (default false) +# jetty.ssl.stsIncludeSubdomains=true + +### SslContextFactory Configuration +## Note that OBF passwords are not secure, just protected from casual observation +## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html + +## Keystore file path (relative to $jetty.base) +{{- if .Values.jetty.keystorePath }} +jetty.sslContext.keyStorePath={{ .Values.jetty.keystorePath }} +{{- end }} + +## Truststore file path (relative to $jetty.base) +{{- if .Values.jetty.truststorePath }} +i +jetty.sslContext.trustStorePath={{ .Values.jetty.truststorePath }} +{{- end }} + +## Keystore password +{{- if .Values.jetty.keystorePassword }} +jetty.sslContext.keyStorePassword={{ .Values.jetty.keystorePassword }} +{{- end }} + +## Keystore type and provider +# jetty.sslContext.keyStoreType=JKS +# jetty.sslContext.keyStoreProvider= + +## KeyManager password +{{- if .Values.jetty.keystorePassword }} +jetty.sslContext.keyManagerPassword={{ .Values.jetty.keystorePassword }} +{{- end }} + +## Truststore password +# tp{{ .Values.jetty.truststorePassword }}end +# kp{{ .Values.jetty.keystorePassword }}end +{{- if .Values.jetty.truststorePassword }} +jetty.sslContext.trustStorePassword={{ .Values.jetty.truststorePassword }} +{{- end }} + +## Truststore type and provider +# jetty.sslContext.trustStoreType=JKS +# jetty.sslContext.trustStoreProvider= + +## whether client certificate authentication is required +jetty.sslContext.needClientAuth={{ .Values.jetty.truststorePassword | quote | default "false" | not | toString }} + +## Whether client certificate authentication is desired +# jetty.sslContext.wantClientAuth=false + +## Whether cipher order is significant (since java 8 only) +# jetty.sslContext.useCipherSuitesOrder=true + +## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at +## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites + +## Set the size of the SslSession cache +# jetty.sslContext.sslSessionCacheSize=-1 + +## Set the timeout (in seconds) of the SslSession cache timeout +# jetty.sslContext.sslSessionTimeout=-1 + +## Allow SSL renegotiation +# jetty.sslContext.renegotiationAllowed=true +# jetty.sslContext.renegotiationLimit=5 diff --git a/kubernetes/sdc/components/sdc-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-be/templates/configmap.yaml index 332cd74661..77b70a2c81 100644 --- a/kubernetes/sdc/components/sdc-be/templates/configmap.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/configmap.yaml @@ -27,5 +27,81 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} - - +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-http-be-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/start.d/http.ini").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-https-be-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/start.d/https.ini").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-ssl-be-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/start.d/ssl.ini").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-catalog-be-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/catalog-be/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-catalog-be-resource-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/resource/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-be-ready-probe-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/ready-probe.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml index 229d4233cc..f55f723f78 100644 --- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml @@ -107,12 +107,26 @@ spec: failureThreshold: {{ .Values.startup.failureThreshold }} resources: {{ include "common.resources" . | nindent 12 }} env: - - name: ENVNAME - value: {{ .Values.env.name }} - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} - name: cassandra_ssl_enabled value: {{ .Values.config.cassandraSslEnabled | quote }} + - name: TLS_CERT + value: {{ .Values.be.tlsCert }} + - name: TLS_KEY + value: {{ .Values.be.tlsKey }} + - name: TLS_PASSWORD + value: {{ .Values.be.tlsPassword }} + - name: KEYSTORE_PATH + value: {{ .Values.be.keystorePath }} + - name: KEYSTORE_PASSWORD + value: {{ .Values.be.keystorePassword }} + - name: CA_CERT + value: {{ .Values.be.caCert }} + - name: TRUSTSTORE_PATH + value: {{ .Values.be.truststorePath }} + - name: TRUSTSTORE_PASSWORD + value: {{ .Values.be.truststorePassword }} - name: HOST_IP valueFrom: fieldRef: @@ -127,17 +141,43 @@ spec: value: {{ .Values.global.kafka.useKafka | quote }} {{- end }} volumeMounts: - - name: sdc-environments - mountPath: /app/jetty/chef-solo/environments/ - name: logs mountPath: /var/log/onap - name: logback mountPath: /tmp/logback.xml subPath: logback.xml + - name: http-config + mountPath: /app/jetty/start.d/http.ini + subPath: http.ini + - name: https-config + mountPath: /app/jetty/start.d/https.ini + subPath: https.ini + - name: ssl-config + mountPath: /app/jetty/start.d/ssl.ini + subPath: ssl.ini + - name: catalog-be-config + mountPath: /app/jetty/config/catalog-be/janusgraph.properties + subPath: janusgraph.properties + - name: catalog-be-config + mountPath: /app/jetty/config/catalog-be/distribution-engine-configuration.yaml + subPath: distribution-engine-configuration.yaml + - name: catalog-be-config + mountPath: /app/jetty/config/catalog-be/configuration.yaml + subPath: configuration.yaml + - name: catalog-be-resource-config + mountPath: /app/jetty/resources/key.properties + subPath: key.properties + - name: catalog-be-resource-config + mountPath: /app/jetty/resources/portal.properties + subPath: portal.properties + - name: ready-probe-config + mountPath: /app/jetty/ready-probe.sh + subPath: ready-probe.sh + lifecycle: postStart: exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + command: ["/bin/sh", "-c", "export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...'; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done copying logback.xml' ; echo 'Running BE_3_setup_key_and_trust_store.sh...' ; /app/jetty/BE_3_setup_key_and_trust_store.sh ; echo 'BE_3_setup_key_and_trust_store.sh completed' "] # side car containers {{ include "common.log.sidecar" . | nindent 8 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} @@ -146,10 +186,31 @@ spec: - name: logback configMap: name : {{ include "common.fullname" . }}-logging-configmap - - name: sdc-environments - configMap: - name: {{ include "common.release" . }}-sdc-environments-configmap - defaultMode: 0755 - name: logs emptyDir: {} + - name: http-config + configMap: + name: {{ include "common.release" . }}-sdc-http-be-configmap + defaultMode: 0755 + - name: https-config + configMap: + name: {{ include "common.release" . }}-sdc-https-be-configmap + defaultMode: 0755 + - name: ssl-config + configMap: + name: {{ include "common.release" . }}-sdc-ssl-be-configmap + defaultMode: 0755 + - name: catalog-be-config + configMap: + name: {{ include "common.release" . }}-sdc-catalog-be-configmap + defaultMode: 0755 + - name: catalog-be-resource-config + configMap: + name: {{ include "common.release" . }}-sdc-catalog-be-resource-configmap + defaultMode: 0755 + - name: ready-probe-config + configMap: + name: {{ include "common.release" . }}-sdc-be-ready-probe-configmap + defaultMode: 0755 {{- include "common.imagePullSecrets" . | nindent 6 }} + diff --git a/kubernetes/sdc/components/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml index 30400a80b7..02d04154e9 100644 --- a/kubernetes/sdc/components/sdc-be/templates/job.yaml +++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml @@ -57,6 +57,13 @@ spec: - name: {{ include "common.name" . }}-job image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.backendInitImage }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - -c + - | + /home/onap/create_consumer_and_user.sh + /home/onap/check_backend.sh + /home/onap/import_normatives.sh volumeMounts: - name: {{ include "common.fullname" . }}-environments mountPath: /home/onap/chef-solo/environments/ @@ -69,6 +76,28 @@ spec: valueFrom: fieldRef: fieldPath: status.podIP + - name: BE_IP + value: {{ .Values.beInit.beIp }} + - name: DISABLE_HTTP + value: {{ .Values.disableHttp | quote }} + - name: BE_HTTPS_PORT + value: {{ .Values.beSslPort | quote }} + - name: BE_HTTP_PORT + value: {{ .Values.beHttpPort | quote }} + - name: TLS_CERT + value: {{ .Values.beInit.tlsCert }} + - name: TLS_KEY + value: {{ .Values.beInit.tlsKey }} + - name: TLS_KEY_PW + value: {{ .Values.beInit.tlsKeyPw }} + - name: CA_CERT + value: {{ .Values.beInit.caCert }} + - name: BASIC_AUTH_ENABLED + value: {{ .Values.basicAuth.enabled | quote }} + - name: BASIC_AUTH_USER + value: {{ .Values.basicAuth.userName }} + - name: BASIC_AUTH_PASS + value: {{ .Values.basicAuth.userPass }} resources: limits: cpu: "800m" diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index c77d09a772..7d41915102 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -39,8 +39,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.13.8 -backendInitImage: onap/sdc-backend-init:1.13.8 +image: onap/sdc-backend-all-plugins:1.13.9 +backendInitImage: onap/sdc-backend-init:1.13.9 pullPolicy: Always @@ -191,3 +191,109 @@ wait_for_job_container: log: path: /var/log/onap logConfigMapNamePrefix: '{{ include "common.fullname" . }}' + +####### +####### +pairEnvName: "" + + +cassandra: + hostname: cassandra-dc1-service.onap + port: 9042 + cassandraPassword: Aa1234%^! + cassandraUsername: asdc_user + connectionTimeout: 10000 + cassandraSslEnabled: false + keystoreLocation: "" + keystorePassword: "" + truststoreLocation: "" + truststorePassword: "" + clusterName: SDC-CS- + readConsistencyLevel: ONE + writeConsistencyLevel: ALL + #replication_strategy_options: dc1,3 + datacenterName: dc1 + replicationFactor: 3 + db_cache: true + +cassandraConfig: + cassandraHosts: [cassandra-dc1-service.onap] + cassandraPort: 9042 + localDataCenter: dc1 + socketReadTimeout: 20000 + socketConnectTimeout: 20000 + username: asdc_user + password: Aa1234%^! + ssl: false + keystorePath: "" + keystorePassword: false + truststorePath: "" + truststorePassword: "" +dmaapConsumerConfiguration: + active: false +permittedAncestors: "" +tlsCert: "" +tlsKey: "" +caCert: "" +janusGraphCfgFile: /app/jetty/config/catalog-be/janusgraph.properties +ONBOARDING_BE: + host: sdc-onboarding-be.onap + httpPort: 8081 + httpsPort: 8445 +dmaapProducerConfiguration: + hosts: olsd004.com:3905 + topic: SDC-FACADE-NOTIF-v1 + serviceName: dmaap.com:3905/events + environment: TEST + protocol: "" + aftEnvironment: "" + dme2preferredRouterFilePath: "" + username: user1@sdc.com + password: password== +appVersion: "" + +# Distrubution +uebPublicKey: iPIxkpAMI8qTcQj8 +uebSecretKey: Ehq3WyT4bkif4zwgEbvshGal +#distributionNotifTopicName: SDC-DISTR-NOTIF-TOPIC +#distributionStatusTopicName: SDC-DISTR-STATUS-TOPIC +kafkaBootStrapServers: onap-strimzi-kafka-bootstrap:9092 +chefEnvironment: AUTO + +jetty: + httpPort: 8080 + httpsPort: 8443 + keystorePath: "" + truststorePath: "" + keystorePassword: "" + truststorePassword: "" + +disableHttp: false +beFqdn: sdc-be.onap +beHttpPort: 8080 +beSslPort: 8443 +basicAuth: + enabled: true + userName: testName + userPass: testPass + +basicAuthConfig: + enabled: false +beInit: + beIp: sdc-be.onap + tlsCert: "" + tlsKey: "" + tlsKeyPw: "" + caCert: "" + + +be: + tlsCert: "" + tlsKey: "" + tlsPassword: "" + keystorePath: "" + keystorePassword: "" + caCert: "" + truststorePath: "" + truststorePassword: "" +#END diff --git a/kubernetes/sdc/components/sdc-cs/Chart.yaml b/kubernetes/sdc/components/sdc-cs/Chart.yaml index 3dfcca4721..8edbfbbb84 100644 --- a/kubernetes/sdc/components/sdc-cs/Chart.yaml +++ b/kubernetes/sdc/components/sdc-cs/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: ONAP Service Design and Creation Cassandra name: sdc-cs -version: 13.0.1 +version: 13.0.2 dependencies: - name: common diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index 4b23752e50..b475488e74 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -73,8 +73,8 @@ cassandra: # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.13.8 -cassandraInitImage: onap/sdc-cassandra-init:1.13.8 +image: onap/sdc-cassandra:1.13.9 +cassandraInitImage: onap/sdc-cassandra-init:1.13.9 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-fe/Chart.yaml b/kubernetes/sdc/components/sdc-fe/Chart.yaml index dcda2d08fa..83197f3406 100644 --- a/kubernetes/sdc/components/sdc-fe/Chart.yaml +++ b/kubernetes/sdc/components/sdc-fe/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: ONAP Service Design and Creation Front End name: sdc-fe -version: 13.0.1 +version: 13.0.2 dependencies: - name: repositoryGenerator diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 857a4db83a..0079f83e6b 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -23,7 +23,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-frontend:1.13.8 +image: onap/sdc-frontend:1.13.9 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml index 872f562e68..afcbef20b1 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: ONAP Service Design and Creation Onboarding API name: sdc-onboarding-be -version: 13.0.1 +version: 13.0.2 dependencies: - name: repositoryGenerator diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml index ee22ff2cfd..dad7ce5e85 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml @@ -1,223 +1,223 @@ -<?xml version="1.0" encoding="utf-8"?>
-<!--
-# Copyright © 2018 Amdocs, Bell Canada, AT&T, ZTE
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
--->
-<configuration scan="true" scanPeriod="3 seconds">
- <property name="logDir" value="/var/log/onap"/>
- <property name="componentName" scope="system" value="sdc"/>
- <property name="subComponentName" scope="system" value="sdc-onboarding-be"/>
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>
- <property file="${config.home}/catalog-be/configuration.yaml"/>
- <property name="enable-all-log" scope="context" value="false"/>
- <!-- log file names -->
- <property name="errorLogName" value="error"/>
- <property name="metricsLogName" value="metrics"/>
- <property name="auditLogName" value="audit"/>
- <property name="debugLogName" value="debug"/>
- <property name="transactionLogName" value="transaction"/>
- <property name="allLogName" value="all"/>
- <property name="queueSize" value="256"/>
- <property name="maxFileSize" value="50MB"/>
- <property name="maxHistory" value="30"/>
- <property name="totalSizeCap" value="10GB"/>
- <property name="pattern"
- value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>
-
- <!-- STDOUT -->
- <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
-
- <!-- STDERR -->
- <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>ERROR</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
-
- <!-- All log -->
- <if condition='property("enable-all-log").equalsIgnoreCase("true")'>
- <then>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="ALL_ROLLING">
- <file>${logDirectory}/${allLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${allLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">
- <appender-ref ref="ALL_ROLLING"/>
- </appender>
- </then>
- </if>
- <!-- Error log -->
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="ERROR_ROLLING">
- <file>${logDirectory}/${errorLogName}.log</file>
- <!-- Audit messages filter - deny audit messages -->
- <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
- <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
- <marker>AUDIT_MARKER</marker>
- </evaluator>
- <onMismatch>NEUTRAL</onMismatch>
- <onMatch>DENY</onMatch>
- </filter>
- <!-- Transaction messages filter - deny Transaction messages -->
- <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
- <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
- <marker>TRANSACTION_MARKER</marker>
- </evaluator>
- <onMismatch>NEUTRAL</onMismatch>
- <onMatch>DENY</onMatch>
- </filter>
- <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <!-- Debug log -->
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="DEBUG_ROLLING">
- <file>${logDirectory}/${debugLogName}.log</file>
- <!-- No need to deny audit messages - they are INFO only, will be denied anyway -->
- <!-- Transaction messages filter - deny Transaction messages, there are some DEBUG level messages among them -->
- <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
- <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
- <marker>TRANSACTION_MARKER</marker>
- </evaluator>
- <onMismatch>NEUTRAL</onMismatch>
- <onMatch>DENY</onMatch>
- </filter>
- <!-- accept DEBUG and TRACE level -->
- <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
- <evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator">
- <expression>e.level.toInt() <= DEBUG.toInt()</expression>
- </evaluator>
- <OnMismatch>DENY</OnMismatch>
- <OnMatch>NEUTRAL</OnMatch>
- </filter>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <!-- Audit log -->
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="AUDIT_ROLLING">
- <file>${logDirectory}/${auditLogName}.log</file>
- <!-- Audit messages filter - accept audit messages -->
- <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
- <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
- <marker>AUDIT_MARKER</marker>
- </evaluator>
- <onMismatch>DENY</onMismatch>
- <onMatch>ACCEPT</onMatch>
- </filter>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <!-- SdncTransaction log -->
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="TRANSACTION_ROLLING">
- <file>${logDirectory}/${transactionLogName}.log</file>
- <!-- Transaction messages filter - accept audit messages -->
- <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
- <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
- <marker>TRANSACTION_MARKER</marker>
- </evaluator>
- <onMismatch>DENY</onMismatch>
- <onMatch>ACCEPT</onMatch>
- </filter>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${transactionLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <!-- Asynchronicity Configurations -->
- <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="DEBUG_ROLLING"/>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="TRANSACTION_ROLLING"/>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="ERROR_ROLLING"/>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="AUDIT_ROLLING"/>
- </appender>
- <root level="INFO">
- <appender-ref ref="ASYNC_ERROR"/>
- <appender-ref ref="ASYNC_DEBUG"/>
- <appender-ref ref="ASYNC_AUDIT"/>
- <appender-ref ref="ASYNC_TRANSACTION"/>
- <if condition='property("enable-all-log").equalsIgnoreCase("true")'>
- <then>
- <appender-ref ref="ALL_ROLLING"/>
- </then>
- </if>
- <appender-ref ref="STDOUT"/>
- <appender-ref ref="STDERR"/>
- </root>
- <logger level="INFO" name="org.openecomp.sdc"/>
-</configuration>
+<?xml version="1.0" encoding="utf-8"?> +<!-- +# Copyright © 2018 Amdocs, Bell Canada, AT&T, ZTE +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--> +<configuration scan="true" scanPeriod="3 seconds"> + <property name="logDir" value="/var/log/onap"/> + <property name="componentName" scope="system" value="sdc"/> + <property name="subComponentName" scope="system" value="sdc-onboarding-be"/> + <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/> + <property file="${config.home}/catalog-be/configuration.yaml"/> + <property name="enable-all-log" scope="context" value="false"/> + <!-- log file names --> + <property name="errorLogName" value="error"/> + <property name="metricsLogName" value="metrics"/> + <property name="auditLogName" value="audit"/> + <property name="debugLogName" value="debug"/> + <property name="transactionLogName" value="transaction"/> + <property name="allLogName" value="all"/> + <property name="queueSize" value="256"/> + <property name="maxFileSize" value="50MB"/> + <property name="maxHistory" value="30"/> + <property name="totalSizeCap" value="10GB"/> + <property name="pattern" + value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/> + + <!-- STDOUT --> + <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + + <!-- STDERR --> + <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <encoder> + <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern> + </encoder> + </appender> + + <!-- All log --> + <if condition='property("enable-all-log").equalsIgnoreCase("true")'> + <then> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="ALL_ROLLING"> + <file>${logDirectory}/${allLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${allLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL"> + <appender-ref ref="ALL_ROLLING"/> + </appender> + </then> + </if> + <!-- Error log --> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="ERROR_ROLLING"> + <file>${logDirectory}/${errorLogName}.log</file> + <!-- Audit messages filter - deny audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>AUDIT_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + <!-- Transaction messages filter - deny Transaction messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <!-- Debug log --> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="DEBUG_ROLLING"> + <file>${logDirectory}/${debugLogName}.log</file> + <!-- No need to deny audit messages - they are INFO only, will be denied anyway --> + <!-- Transaction messages filter - deny Transaction messages, there are some DEBUG level messages among them --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + <!-- accept DEBUG and TRACE level --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator"> + <expression>e.level.toInt() <= DEBUG.toInt()</expression> + </evaluator> + <OnMismatch>DENY</OnMismatch> + <OnMatch>NEUTRAL</OnMatch> + </filter> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <!-- Audit log --> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="AUDIT_ROLLING"> + <file>${logDirectory}/${auditLogName}.log</file> + <!-- Audit messages filter - accept audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>AUDIT_MARKER</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <!-- SdncTransaction log --> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="TRANSACTION_ROLLING"> + <file>${logDirectory}/${transactionLogName}.log</file> + <!-- Transaction messages filter - accept audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${transactionLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <!-- Asynchronicity Configurations --> + <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="DEBUG_ROLLING"/> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="TRANSACTION_ROLLING"/> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="ERROR_ROLLING"/> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="AUDIT_ROLLING"/> + </appender> + <root level="INFO"> + <appender-ref ref="ASYNC_ERROR"/> + <appender-ref ref="ASYNC_DEBUG"/> + <appender-ref ref="ASYNC_AUDIT"/> + <appender-ref ref="ASYNC_TRANSACTION"/> + <if condition='property("enable-all-log").equalsIgnoreCase("true")'> + <then> + <appender-ref ref="ALL_ROLLING"/> + </then> + </if> + <appender-ref ref="STDOUT"/> + <appender-ref ref="STDERR"/> + </root> + <logger level="INFO" name="org.openecomp.sdc"/> +</configuration> diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/config-helmvalidator.yaml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/config-helmvalidator.yaml new file mode 100644 index 0000000000..fe132179ee --- /dev/null +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/config-helmvalidator.yaml @@ -0,0 +1,6 @@ +hValidatorEnabled: {{ .Values.sdcHelmValidator.enabled }} +hValidatorUrl: {{ .Values.sdcHelmValidator.url }} +hValidatorVersion: {{ .Values.sdcHelmValidator.helmVersion }} +hValidatorDeployable: {{ .Values.sdcHelmValidator.deployable }} +hValidatorLintable: {{ .Values.sdcHelmValidator.lintable }} +hValidatorStrictLintable: {{ .Values.sdcHelmValidator.strictLintable }} diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/config-vnfrepo.yaml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/config-vnfrepo.yaml new file mode 100644 index 0000000000..8b8bdec476 --- /dev/null +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/config-vnfrepo.yaml @@ -0,0 +1,4 @@ +vnfRepoPort: {{ .Values.VnfRepo.vnfRepoPort }} +vnfRepoHost: refrepo.{{include "common.namespace" .}} +getVnfUri: /onapapi/vnfsdk-marketplace/v1/PackageResource/csars +downloadVnfUri: /onapapi/vnfsdk-marketplace/v1/PackageResource/csars/%s/files/app/jetty/config/onboarding-be diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/externaltesting-configuration.yaml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/externaltesting-configuration.yaml new file mode 100644 index 0000000000..a617f13968 --- /dev/null +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/externaltesting-configuration.yaml @@ -0,0 +1,5 @@ +client: + enabled: true +endpoints: + - {{ .Values.EXTTEST.ep1_config }} + - {{ .Values.EXTTEST.ep2_config }} diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/features.properties b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/features.properties new file mode 100644 index 0000000000..54c4dea02b --- /dev/null +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/features.properties @@ -0,0 +1 @@ +EXTERNAL_LICENSE=true diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/onboarding_configuration.yaml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/onboarding_configuration.yaml new file mode 100644 index 0000000000..665d891c83 --- /dev/null +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/onboarding-config/onboarding_configuration.yaml @@ -0,0 +1,72 @@ +catalogNotificationsConfig: + # catalog backend protocol + catalogBeProtocol: {{ if .Values.global.disableHttp }}https{{- else }}http{{- end }} + catalogBeHttpPort: {{ (.Values.global.BE).http_port }} + catalogBeSslPort: {{ (.Values.global.BE).https_port }} + catalogBeFqdn: sdc-be.{{ include "common.namespace" . }} + # do not remove the "" from catalog_notification_url. it is escaping % characters coming from AUTO.json + catalogNotificationUrl: {{ .Values.ONBOARDING_BE.catalog_notification_url | quote }} + +notifications: + pollingIntervalMsec: 2000 + selectionSize: 100 + beHost: sdc-onboarding-be.{{ include "common.namespace" . }} + beHttpPort: {{ .Values.ONBOARDING_BE.http_port }} + +cassandraConfig: + cassandraHosts: [ {{ .Values.global.sdc_cassandra.serviceName }}.{{ include "common.namespace" . }} ] + cassandraPort: {{ .Values.cassandra.cassandra_port }} + localDataCenter: {{ .Values.global.sdc_cassandra.dataCenter }} + reconnectTimeout: 30000 + socketReadTimeout: {{ .Values.cassandra.socket_read_timeout }} + socketConnectTimeout: {{ .Values.cassandra.socket_connect_timeout }} + authenticate: true + username: {{ .Values.cassandra.cassandra_user }} + password: {{ .Values.cassandra.cassandra_password }} + ssl: {{ .Values.config.cassandraSslEnabled }} + truststorePath: {{ .Values.JETTY_BASE }}/etc/truststore + truststorePassword: {{ .Values.cassandra.truststore_password }} + +authCookie: + securityKey: MlB1WHFpSHNVTWdJZU1PcQ== + maxSessionTimeOut: 86400000 + sessionIdleTimeOut: 3600000 + cookieName: "AuthenticationCookie" + path: / + domain: "" + isHttpOnly: true + # redirect variable name from portal.properties file + redirectURL: "redirect_url" + excludedUrls: [ '/.*' ] + onboardingExcludedUrls: [ '/.*' ] + +basicAuth: + enabled: {{ .Values.basic_auth.enabled }} + userName: {{ .Values.basic_auth.user_name }} + userPass: {{ .Values.basic_auth.user_pass }} + excludedUrls: "/v1.0/healthcheck" + +zipValidation: + ignoreManifest: false + +externalCsarStore: + storageType: NONE # NONE, MINIO + endpoint: + host: 127.0.0.1 + port: 9000 + secure: false + credentials: + accessKey: "login" + secretKey: "password" + foldersToStrip: + - Files/images + sizeLimit: 10000000 + thresholdEntries: 10000 + tempPath: "/home/onap/temp/" + uploadPartSize: 200000000 + +#Space separated list of permitted ancestors +permittedAncestors: {{ .Values.permittedAncestors | join " " }} + +# Comma separated list of excluded URLs by the DataValidatorFilter +dataValidatorFilterExcludedUrls: "/healthCheck,/followed,/authorize" diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/ready-probe.sh b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/ready-probe.sh new file mode 100644 index 0000000000..54ed6960df --- /dev/null +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/ready-probe.sh @@ -0,0 +1,8 @@ +#!/bin/sh +health_check_http_code=$(curl -k --max-time 5 -o /dev/null -w '%{http_code}' -X GET --header "Accept: application/json" "{{ if .Values.global.disableHttp }}https://127.0.0.1:{{ .Values.ONBOARDING_BE.https_port }}{{- else -}}http://127.0.0.1:{{ .Values.ONBOARDING_BE.http_port }}{{- end -}}/onboarding-api/v1.0/healthcheck") +if [ "$health_check_http_code" -eq 200 ]; then + exit 0 +else + echo "Health check http status: $health_check_http_code" + exit 1 +fi diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/start.d/http.ini b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/start.d/http.ini new file mode 100644 index 0000000000..e4e66c5387 --- /dev/null +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/start.d/http.ini @@ -0,0 +1,29 @@ +# Module: http +--module=http + +### HTTP Connector Configuration + +## Connector host/address to bind to +# jetty.http.host=0.0.0.0 + +## Connector port to listen on +#jetty.http.port=8081 +jetty.http.port= {{ .Values.ONBOARDING_BE.http_port }} + +## Connector idle timeout in milliseconds +jetty.http.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.http.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.http.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.http.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.http.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.http.acceptorPriorityDelta=0 diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/start.d/https.ini b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/start.d/https.ini new file mode 100644 index 0000000000..ec92157dd2 --- /dev/null +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/start.d/https.ini @@ -0,0 +1,31 @@ +# --------------------------------------- +# Module: https +--module=https + +### HTTPS Connector Configuration + +## Connector host/address to bind to +# jetty.https.host=0.0.0.0 + +## Connector port to listen on + +#jetty.https.port=8445 +jetty.https.port= {{ .Values.ONBOARDING_BE.https_port }} + +## Connector idle timeout in milliseconds +jetty.https.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.https.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.https.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.https.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.https.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.https.acceptorPriorityDelta=0 diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/start.d/ssl.ini b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/start.d/ssl.ini new file mode 100644 index 0000000000..70ceffb631 --- /dev/null +++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/start.d/ssl.ini @@ -0,0 +1,98 @@ +# --------------------------------------- +# Module: ssl +--module=ssl + +### TLS(SSL) Connector Configuration + +## Connector host/address to bind to +# jetty.ssl.host=0.0.0.0 + +## Connector port to listen on + +#jetty.ssl.port=8445 +jetty.ssl.port = {{ .Values.ONBOARDING_BE.https_port }} + +## Connector idle timeout in milliseconds +# jetty.ssl.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.ssl.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.ssl.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.ssl.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.ssl.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.ssl.acceptorPriorityDelta=0 + +## Whether request host names are checked to match any SNI names +# jetty.ssl.sniHostCheck=true + +## max age in seconds for a Strict-Transport-Security response header (default -1) +# jetty.ssl.stsMaxAgeSeconds=31536000 + +## include subdomain property in any Strict-Transport-Security header (default false) +# jetty.ssl.stsIncludeSubdomains=true + +### SslContextFactory Configuration +## Note that OBF passwords are not secure, just protected from casual observation +## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html + +## Keystore file path (relative to $jetty.base) +jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12 + +## Truststore file path (relative to $jetty.base) +jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks + +## Keystore password +# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 + +#jetty.sslContext.keyStorePassword=?(kP!Yur![*!Y5!E^f(ZKc31 +jetty.sslContext.keyStorePassword= {{ .Values.jetty.keyStorePassword }} + +## Keystore type and provider +# jetty.sslContext.keyStoreType=JKS +# jetty.sslContext.keyStoreProvider= + +## KeyManager password +# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g + +#jetty.sslContext.keyManagerPassword=?(kP!Yur![*!Y5!E^f(ZKc31 +jetty.sslContext.keyManagerPassword= {{ .Values.jetty.keyManagerPassword }} + +## Truststore password +# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 + +#jetty.sslContext.trustStorePassword=z+KEj;t+,KN^iimSiS89e#p0 +jetty.sslContext.trustStorePassword= {{ .Values.jetty.trustStorePassword }} + +## Truststore type and provider +# jetty.sslContext.trustStoreType=JKS +# jetty.sslContext.trustStoreProvider= + +## whether client certificate authentication is required +# jetty.sslContext.needClientAuth=false + +## Whether client certificate authentication is desired +# jetty.sslContext.wantClientAuth=false + +## Whether cipher order is significant (since java 8 only) +# jetty.sslContext.useCipherSuitesOrder=true + +## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at +## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites + +## Set the size of the SslSession cache +# jetty.sslContext.sslSessionCacheSize=-1 + +## Set the timeout (in seconds) of the SslSession cache timeout +# jetty.sslContext.sslSessionTimeout=-1 + +## Allow SSL renegotiation +# jetty.sslContext.renegotiationAllowed=true +# jetty.sslContext.renegotiationLimit=5 diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml index aa632f33f4..06e6b79956 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml @@ -27,3 +27,68 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-onboarding-be-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/onboarding-config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-http-04-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/start.d/http.ini").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-https-04-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/start.d/https.ini").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-ssl-04-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/start.d/ssl.ini").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.release" . }}-sdc-ready-probe-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/ready-probe.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml index 24715bcaec..47ae2bbfdd 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml @@ -104,13 +104,38 @@ spec: - name: SDC_CERT_DIR value: "" volumeMounts: - - name: sdc-environments - mountPath: /app/jetty/chef-solo/environments/ - name: logs mountPath: /var/log/onap - name: logback mountPath: /tmp/logback.xml subPath: logback.xml + - name: onboarding-conf + mountPath: /app/jetty/config/onboarding-be/config-vnfrepo.yaml + subPath: config-vnfrepo.yaml + - name: onboarding-conf + mountPath: /app/jetty/config/onboarding-be/onboarding_configuration.yaml + subPath: onboarding_configuration.yaml + - name: onboarding-conf + mountPath: /app/jetty/config/onboarding-be/config-helmvalidator.yaml + subPath: config-helmvalidator.yaml + - name: onboarding-conf + mountPath: /app/jetty/config/onboarding-be/externaltesting-configuration.yaml + subPath: externaltesting-configuration.yaml + - name: onboarding-conf + mountPath: /app/jetty/config/onboarding-be/features.properties + subPath: features.properties + - name: http-config + mountPath: /app/jetty/start.d/http.ini + subPath: http.ini + - name: https-config + mountPath: /app/jetty/start.d/https.ini + subPath: https.ini + - name: ssl-config + mountPath: /app/jetty/start.d/ssl.ini + subPath: ssl.ini + - name: ready-probe-config + mountPath: /app/jetty/ready-probe.sh + subPath: ready-probe.sh lifecycle: postStart: exec: @@ -123,10 +148,27 @@ spec: - name: logback configMap: name : {{ include "common.fullname" . }}-logging-configmap - - name: sdc-environments + - name: onboarding-conf configMap: - name: {{ include "common.release" . }}-sdc-environments-configmap + name: {{ include "common.release" . }}-sdc-onboarding-be-configmap + defaultMode: 0755 + - name: http-config + configMap: + name: {{ include "common.release" . }}-sdc-http-04-configmap + defaultMode: 0755 + - name: https-config + configMap: + name: {{ include "common.release" . }}-sdc-https-04-configmap + defaultMode: 0755 + - name: ssl-config + configMap: + name: {{ include "common.release" . }}-sdc-ssl-04-configmap + defaultMode: 0755 + - name: ready-probe-config + configMap: + name: {{ include "common.release" . }}-sdc-ready-probe-configmap defaultMode: 0755 - name: logs emptyDir: {} {{- include "common.imagePullSecrets" . | nindent 6 }} + diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index 7ab2d371c6..a928e103d9 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -35,8 +35,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-onboard-backend:1.13.8 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.13.8 +image: onap/sdc-onboard-backend:1.13.9 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.13.9 pullPolicy: Always # flag to enable debugging - application support required @@ -159,3 +159,54 @@ wait_for_job_container: log: path: /var/log/onap logConfigMapNamePrefix: '{{ include "common.fullname" . }}' + +################################################################# +# Settings from Default.rb +################################################################# +ONBOARDING_BE: + http_port: 8081 + https_port: 8445 + catalog_notification_url: "%s://%s:%s/sdc2/rest/v1/catalog/notif/vsp/" +FE: + http_port: 8181 + https_port: 9443 +disableHttp: true +cassandra: + truststore_password: Aa123456 + cassandra_port: 9042 + datacenter_name: DC- + cluster_name: SDC-CS- + socket_read_timeout: 20000 + socket_connect_timeout: 20000 + janusgraph_connection_timeout: 10000 + cassandra_user: asdc_user + cassandra_password: Aa1234%^! +sdcHelmValidator: + enabled: true + helmVersion: 3.5.2 + deployable: true + lintable: false + strictLintable: false + url: http://sdc-helm-validator:8080/validate +VnfRepo: + vnfRepoPort: 8703 + vnfRepoHost: refrepo +jetty: + trustStorePassword: "z+KEj;t+,KN^iimSiS89e#p0" + keyManagerPassword: "?(kP!Yur![*!Y5!E^f(ZKc31" + keyStorePassword: "?(kP!Yur![*!Y5!E^f(ZKc31" +basic_auth: + enabled: true + user_name: testName + user_pass: testPass + excludedUrls: /v1.0/healthcheck + +EXTTEST: + ep1_config: vtp,VTP,true,http://refrepo:8702/onapapi/vnfsdk-marketplace,onap.* + ep2_config: repository,Repository,false,,.* + +#Addiding extra Envs +permittedAncestors: "" +JETTY_BASE: "/app/jetty" +http_option: http_option + diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index 9cfae6ac66..fb6da37cec 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -37,7 +37,7 @@ global: #serviceName: cassandra #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled #to match with its own cluster replica - #see "cassandra: replicaCount" in file sdc-cs/values.yaml) + #see "cassandra: replicaCount" in file sdc-cs/values.yaml replicaCount: 3 dbCache: true readConsistencyLevel: ONE @@ -49,6 +49,10 @@ global: #and cassandra 4.1.* must be "3.4.6" cqlVersion: "3.4.6" + BE: + http_port: 8080 + https_port: 8443 + centralizedLoggingEnabled: true # global Kafka config passed to sdc-be chart kafka: @@ -94,3 +98,26 @@ sdcHelmValidator: lintable: false strictLintable: false url: http://sdc-helm-validator:8080/validate + +ONBOARDING_BE: + http_port: 8081 + https_port: 8445 + catalog_notification_url: "%s://%s:%s/sdc2/rest/v1/catalog/notif/vsp/" +cassandra: + cassandra_port: 9042 + concurrent_reads: 32 + num_tokens: 256 + data_dir: /var/lib/cassandra/data + hinted_handoff_enabled: true + cassandra_user: asdc_user + cassandra_password: Aa1234%^! + concurrent_writes: 32 + multithreaded_compaction: false + cache_dir: "/var/lib/cassandra/saved_caches" + log_file: "/var/lib/cassandra/log/system.log" + phi_convict_threshold: 8 + commitlog_dir: "/var/lib/cassandra/commitlog" + socket_read_timeout: 20000 + socket_connect_timeout: 20000 + janusgraph_connection_timeout: 10000 + |