diff options
75 files changed, 1728 insertions, 54 deletions
diff --git a/kubernetes/appc/charts/appc-cdt/values.yaml b/kubernetes/appc/charts/appc-cdt/values.yaml index d302c4d630..0b84af1002 100644 --- a/kubernetes/appc/charts/appc-cdt/values.yaml +++ b/kubernetes/appc/charts/appc-cdt/values.yaml @@ -26,7 +26,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/appc-cdt-image:1.5.0-SNAPSHOT-latest +image: onap/appc-cdt-image:1.5.0 pullPolicy: Always # application configuration diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index e09607e408..65e47567b7 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -31,7 +31,7 @@ global: flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/appc-image:1.5.0-SNAPSHOT-latest +image: onap/appc-image:1.5.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml index 13b868ab6f..9356c47522 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-kibana:4.0-STAGING-latest +image: onap/clamp-dashboard-kibana:4.0.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml index c81117ffd7..b3d93bb601 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp-dashboard-logstash:4.0-STAGING-latest +image: onap/clamp-dashboard-logstash:4.0.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml index a806e77da8..f4c579b199 100644 --- a/kubernetes/clamp/values.yaml +++ b/kubernetes/clamp/values.yaml @@ -30,7 +30,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/clamp:4.0-STAGING-latest +image: onap/clamp:4.0.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/common/etcd/.helmignore b/kubernetes/common/etcd/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/common/etcd/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/common/etcd/Chart.yaml b/kubernetes/common/etcd/Chart.yaml new file mode 100644 index 0000000000..31a8ad55f0 --- /dev/null +++ b/kubernetes/common/etcd/Chart.yaml @@ -0,0 +1,23 @@ +# Copyright © 2019 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: etcd +home: https://github.com/coreos/etcd +version: 4.0.0 +appVersion: 2.2.5 +description: Distributed reliable key-value store for the most critical data of a + distributed system. +-icon: https://raw.githubusercontent.com/coreos/etcd/master/logos/etcd-horizontal-color.png +sources: +- https://github.com/coreos/etcd diff --git a/kubernetes/common/etcd/requirements.yaml b/kubernetes/common/etcd/requirements.yaml new file mode 100644 index 0000000000..0ddbcbef4a --- /dev/null +++ b/kubernetes/common/etcd/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/common/etcd/templates/pv.yaml b/kubernetes/common/etcd/templates/pv.yaml new file mode 100644 index 0000000000..eeaa64598d --- /dev/null +++ b/kubernetes/common/etcd/templates/pv.yaml @@ -0,0 +1,40 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ if .Values.persistence.enabled }} +{{- $root := . -}} +{{ range $i, $e := until (int $root.Values.replicaCount) }} +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} + namespace: {{ $root.Release.Namespace }} + labels: + type: {{ $root.Values.persistence.storageType }} + app: {{ $root.Values.service.name }} + chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} +spec: + capacity: + storage: {{ $root.Values.persistence.size }} + accessModes: + - {{ $root.Values.persistence.accessMode }} + hostPath: + path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} + persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} +{{ end }} +{{ end }} + diff --git a/kubernetes/common/etcd/templates/service.yaml b/kubernetes/common/etcd/templates/service.yaml new file mode 100644 index 0000000000..692faa9f2d --- /dev/null +++ b/kubernetes/common/etcd/templates/service.yaml @@ -0,0 +1,37 @@ +# Copyright 2019 Intel Corporation Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" +metadata: + name: {{ include "common.servicename" . }} + labels: + heritage: "{{ .Release.Service }}" + release: "{{ .Release.Name }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ include "common.name" . }} +spec: + ports: + - name: {{ .Values.service.peerPortName }} + port: {{ .Values.service.peerInternalPort }} + - name: {{ .Values.service.clientPortName }} + port: {{ .Values.service.clientInternalPort }} + clusterIP: None + selector: + app: {{ include "common.name" . }} + release: "{{ .Release.Name }}" + diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml new file mode 100644 index 0000000000..ccc6b69971 --- /dev/null +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -0,0 +1,244 @@ +# Copyright © 2019 Intel Corporation Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.servicename" . }} + labels: + heritage: "{{ .Release.Service }}" + release: "{{ .Release.Name }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "common.name" . }} +spec: + serviceName: {{ include "common.servicename" . }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + heritage: "{{ .Release.Service }}" + release: "{{ .Release.Name }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ include "common.name" . }} + spec: +{{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} +{{- end }} +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.tolerations }} + tolerations: +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} + containers: + - name: {{ include "common.servicename" . }} + image: "{{ .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: "{{ .Values.pullPolicy }}" + ports: + - containerPort: {{ .Values.service.peerInternalPort }} + name: {{ .Values.service.peerPortName }} + - containerPort: {{ .Values.service.clientInternalPort }} + name: {{ .Values.service.clientPortName }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: ["/bin/sh", "-c", "etcdctl cluster-health | grep -w healthy" ] + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{ end -}} + readinessProbe: + exec: + command: ["/bin/sh", "-c", "etcdctl cluster-health | grep -w healthy" ] + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 10 }} + env: + - name: INITIAL_CLUSTER_SIZE + value: {{ .Values.replicaCount | quote }} + - name: SET_NAME + value: {{ include "common.servicename" . }} +{{- if .Values.extraEnv }} +{{ toYaml .Values.extraEnv | indent 8 }} +{{- end }} + lifecycle: + preStop: + exec: + command: + - "/bin/sh" + - "-ec" + - | + EPS="" + for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do + EPS="${EPS}${EPS:+,}http://${SET_NAME}-${i}.${SET_NAME}:2379" + done + + HOSTNAME=$(hostname) + + member_hash() { + etcdctl member list | grep http://${HOSTNAME}.${SET_NAME}:2380 | cut -d':' -f1 | cut -d'[' -f1 + } + + SET_ID=${HOSTNAME##*[^0-9]} + + if [ "${SET_ID}" -ge ${INITIAL_CLUSTER_SIZE} ]; then + echo "Removing ${HOSTNAME} from etcd cluster" + ETCDCTL_ENDPOINT=${EPS} etcdctl member remove $(member_hash) + if [ $? -eq 0 ]; then + # Remove everything otherwise the cluster will no longer scale-up + rm -rf /var/run/etcd/* + fi + fi + command: + - "/bin/sh" + - "-ec" + - | + HOSTNAME=$(hostname) + + # store member id into PVC for later member replacement + collect_member() { + while ! etcdctl member list &>/dev/null; do sleep 1; done + etcdctl member list | grep http://${HOSTNAME}.${SET_NAME}:2380 | cut -d':' -f1 | cut -d'[' -f1 > /var/run/etcd/member_id + exit 0 + } + + eps() { + EPS="" + for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do + EPS="${EPS}${EPS:+,}http://${SET_NAME}-${i}.${SET_NAME}:2379" + done + echo ${EPS} + } + + member_hash() { + etcdctl member list | grep http://${HOSTNAME}.${SET_NAME}:2380 | cut -d':' -f1 | cut -d'[' -f1 + } + + # we should wait for other pods to be up before trying to join + # otherwise we got "no such host" errors when trying to resolve other members + for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do + while true; do + echo "Waiting for ${SET_NAME}-${i}.${SET_NAME} to come up" + ping -W 1 -c 1 ${SET_NAME}-${i}.${SET_NAME} > /dev/null && break + sleep 1s + done + done + + # re-joining after failure? + if [ -e /var/run/etcd/default.etcd ]; then + echo "Re-joining etcd member" + member_id=$(cat /var/run/etcd/member_id) + + # re-join member + ETCDCTL_ENDPOINT=$(eps) etcdctl member update ${member_id} http://${HOSTNAME}.${SET_NAME}:2380 | true + exec etcd --name ${HOSTNAME} \ + --listen-peer-urls http://0.0.0.0:2380 \ + --listen-client-urls http://0.0.0.0:2379\ + --advertise-client-urls http://${HOSTNAME}.${SET_NAME}:2379 \ + --data-dir /var/run/etcd/default.etcd + fi + + # etcd-SET_ID + SET_ID=${HOSTNAME##*[^0-9]} + + # adding a new member to existing cluster (assuming all initial pods are available) + if [ "${SET_ID}" -ge ${INITIAL_CLUSTER_SIZE} ]; then + export ETCDCTL_ENDPOINT=$(eps) + + # member already added? + MEMBER_HASH=$(member_hash) + if [ -n "${MEMBER_HASH}" ]; then + # the member hash exists but for some reason etcd failed + # as the datadir has not be created, we can remove the member + # and retrieve new hash + etcdctl member remove ${MEMBER_HASH} + fi + + echo "Adding new member" + etcdctl member add ${HOSTNAME} http://${HOSTNAME}.${SET_NAME}:2380 | grep "^ETCD_" > /var/run/etcd/new_member_envs + + if [ $? -ne 0 ]; then + echo "Exiting" + rm -f /var/run/etcd/new_member_envs + exit 1 + fi + + cat /var/run/etcd/new_member_envs + source /var/run/etcd/new_member_envs + + collect_member & + + exec etcd --name ${HOSTNAME} \ + --listen-peer-urls http://0.0.0.0:2380 \ + --listen-client-urls http://0.0.0.0:2379 \ + --advertise-client-urls http://${HOSTNAME}.${SET_NAME}:2379 \ + --data-dir /var/run/etcd/default.etcd \ + --initial-advertise-peer-urls http://${HOSTNAME}.${SET_NAME}:2380 \ + --initial-cluster ${ETCD_INITIAL_CLUSTER} \ + --initial-cluster-state ${ETCD_INITIAL_CLUSTER_STATE} + fi + + PEERS="" + for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do + PEERS="${PEERS}${PEERS:+,}${SET_NAME}-${i}=http://${SET_NAME}-${i}.${SET_NAME}:2380" + done + + collect_member & + + # join member + exec etcd --name ${HOSTNAME} \ + --initial-advertise-peer-urls http://${HOSTNAME}.${SET_NAME}:2380 \ + --listen-peer-urls http://0.0.0.0:2380 \ + --listen-client-urls http://0.0.0.0:2379 \ + --advertise-client-urls http://${HOSTNAME}.${SET_NAME}:2379 \ + --initial-cluster-token etcd-cluster-1 \ + --initial-cluster ${PEERS} \ + --initial-cluster-state new \ + --data-dir /var/run/etcd/default.etcd + volumeMounts: + - name: {{ include "common.servicename" . }}-datadir + mountPath: /var/run/etcd + {{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ include "common.servicename" . }}-data + spec: + accessModes: + - "{{ .Values.persistence.accessMode }}" + resources: + requests: + # upstream recommended max is 700M + storage: "{{ .Values.persistence.storage }}" + {{- if .Values.persistence.storageClass }} + {{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" + {{- end }} + {{- end }} + {{- else }} + volumes: + - name: {{ include "common.servicename" . }}-datadir + {{- if .Values.memoryMode }} + emptyDir: + medium: Memory + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + diff --git a/kubernetes/common/etcd/values.yaml b/kubernetes/common/etcd/values.yaml new file mode 100644 index 0000000000..a999b0c530 --- /dev/null +++ b/kubernetes/common/etcd/values.yaml @@ -0,0 +1,86 @@ +# Copyright © 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# + +#repository: etcd +repository: "k8s.gcr.io" +image: "etcd-amd64:2.2.5" +pullPolicy: Always + +# default number of instances in the StatefulSet +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 90 + periodSeconds: 10 + timeoutSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 90 + periodSeconds: 10 + +persistence: + enabled: false + ## etcd data Persistent Volume Storage Class + ## If defined, storageClassName: <storageClass> + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "-" + accessMode: "ReadWriteOnce" + storage: "1Gi" + mountPath: /dockerdata-nfs + mountSubPath: k8s-etcd + +## This is only available when persistentVolume is false: +## If persistentVolume is not enabled, one can choose to use memory mode for ETCD by setting memoryMode to "true". +## The system will create a volume with "medium: Memory" +memoryMode: false + +service: + name: k8s-etcd + peerInternalPort: 2380 + peerPortName: etcd-server + clientInternalPort : 2379 + clientPortName: etcd-client + +## Node labels and tolerations for pod assignment +## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature +nodeSelector: {} +tolerations: [] +affinity: {} +extraEnv: [] +resources: {} + diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh index 78f79cedb7..5db036f708 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh @@ -70,11 +70,11 @@ curl --silent -X POST \ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ -H 'Content-Type: application/json' \ -d '{ - "prefix": "{{ .Values.service.vfw_protected_pool }}", + "prefix": "{{ .Values.service.private2 }}", "site": 1, "tenant": 1, "is_pool": false, - "description": "IP Pool for protected network - vFW use case" + "description": "IP Pool for private network 2" }' echo "Create Prefix for vFW unprotected network" @@ -83,11 +83,11 @@ curl --silent -X POST \ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ -H 'Content-Type: application/json' \ -d '{ - "prefix": "{{ .Values.service.vfw_unprotected_pool }}", + "prefix": "{{ .Values.service.private1 }}", "site": 1, "tenant": 1, "is_pool": false, - "description": "IP Pool for unprotected network - vFW use case" + "description": "IP Pool for private network 1" }' echo "Create Prefix for ONAP general purpose network" @@ -96,7 +96,7 @@ curl --silent -X POST \ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ -H 'Content-Type: application/json' \ -d '{ - "prefix": "{{ .Values.service.vfw_mgmt_pool }}", + "prefix": "{{ .Values.service.management }}", "site": 1, "tenant": 1, "is_pool": false, diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml index 96328caa95..ddfdc4b976 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml @@ -66,9 +66,9 @@ service: # The following subnet pool will be # configured in Netbox by provisioning script. - vfw_protected_pool: 192.168.20.0/24 - vfw_unprotected_pool: 192.168.10.0/24 - vfw_mgmt_pool: 10.0.101.0/24 + private1: 192.168.10.0/24 + private2: 192.168.20.0/24 + management: 10.0.101.0/24 ingress: enabled: false diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index 6c5bb9a3bd..19e55ace64 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -97,8 +97,8 @@ default_k8s_location: central # Use to override default setting in blueprints componentImages: dashboard: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.1.0-SNAPSHOT-latest - holmes_rules: onap/holmes/rule-management:1.2.4-STAGING-latest - holmes_engine: onap/holmes/engine-management:1.2.3-STAGING-latest + holmes_rules: onap/holmes/rule-management:1.2.6-STAGING-latest + holmes_engine: onap/holmes/engine-management:1.2.5-STAGING-latest tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.1 ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.4 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props b/kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props new file mode 100644 index 0000000000..3c29073e7a --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props @@ -0,0 +1,15 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-03-22T17:37:33.690+0000 +# @copyright 2016, AT&T +############################################################ +aaf_env=DEV +aaf_id=dmaap-bc@dmaap-bc.onap.org +aaf_locate_url={{ .Values.aafLocateUrl }} +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +cadi_etc_dir=/opt/app/osaaf/local +cadi_latitude=38.000 +cadi_longitude=-72.000 +cadi_prop_files=/opt/app/osaaf/local/org.onap.dmaap-bc.location.props:/opt/app/osaaf/local/org.onap.dmaap-bc.cred.props +cm_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1 diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml index 1066c946af..8ca07a353d 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml @@ -51,3 +51,16 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/dcaeLocations/*.json").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-aaf-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/aaf/*").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index fb31454c63..fffd4db847 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -97,6 +97,9 @@ spec: # since there may be more than one file in each mountPath - name: {{ include "common.name" . }}-config mountPath: /opt/app/config/conf/ + - name: {{ include "common.name" . }}-aaf-config + mountPath: /opt/app/dmaapbc/etc/org.onap.dmaap-bc.props + subPath: org.onap.dmaap-bc.props resources: {{ include "common.resources" . | indent 12 }} @@ -115,5 +118,8 @@ spec: - name: {{ include "common.name" . }}-config configMap: name: {{ include "common.fullname" . }}-config + - name: {{ include "common.name" . }}-aaf-config + configMap: + name: {{ include "common.fullname" . }}-aaf-config imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml index 4b51d44fa2..200988a3e2 100644 --- a/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml @@ -27,10 +27,12 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} + {{- if .Values.global.allow_http }} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.name }} + {{- end}} - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 6b974141d0..171ac45788 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -35,11 +35,13 @@ image: onap/dmaap/dmaap-bc:1.1.5 # application configuration dmaapMessageRouterService: message-router + # change the following value to point to Windriver instance maintained # by AAF team. # e.g. #aafURL: https://aaf-onap-test.osaaf.org:8095/proxy/ aafURL: https://aaf-service:8100/ +aafLocateUrl: https://aaf-locate:8095 topicMgrUser: dmaap-bc@dmaap-bc.onap.org topicMgrPwd: demo123456! adminUser: aaf_admin@people.osaaf.org diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml index b7207017da..633898c213 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml @@ -28,13 +28,15 @@ spec: type: {{.Values.config.dmaapDrNode.servicetype}} ports: {{if eq .Values.config.dmaapDrNode.servicetype "NodePort" -}} + {{- if .Values.global.allow_http }} - port: {{.Values.config.dmaapDrNode.externalPort}} targetPort: {{.Values.config.dmaapDrNode.internalPort}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrNode.nodePort}} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{.Values.config.dmaapDrNode.nodePort}} name: {{.Values.config.dmaapDrNode.name}} + {{- end}} - port: {{.Values.config.dmaapDrNode.externalPort2}} targetPort: {{.Values.config.dmaapDrNode.internalPort2}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrNode.nodePort2}} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{.Values.config.dmaapDrNode.nodePort2}} name: {{.Values.config.dmaapDrNode.name}}2 {{- else -}} - port: {{.Values.config.dmaapDrNode.externalPort}} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 3b1532f999..154018a018 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -16,6 +16,7 @@ # Global configuration defaults. ################################################################# global: + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -96,7 +97,7 @@ resources: config: # dr node server configuration dmaapDrNode: - servicetype: ClusterIP + servicetype: NodePort name: dmaap-dr-node externalPort: 8080 externalPort2: 8443 @@ -104,6 +105,8 @@ config: internalPort2: 8443 portName: dr-node-port portName2: dr-node-port2 + nodePort: 93 + nodePort2: 94 # dr provisioning server configuration dmaapDrProv: diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml index 691c9dcc9f..0b40389b55 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml @@ -30,7 +30,7 @@ metadata: "version": "v1", "url": "/", "protocol": "REST", - "port": "{{.Values.config.dmaapDrProv.externalPort}}", + "port": "{{.Values.config.dmaapDrProv.externalPort2}}", "visualRange":"1" } ]' @@ -38,11 +38,13 @@ metadata: spec: type: {{.Values.config.dmaapDrProv.servicetype}} ports: - {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} + {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" }} + {{- if .Values.global.allow_http }} - port: {{.Values.config.dmaapDrProv.externalPort}} targetPort: {{.Values.config.dmaapDrProv.internalPort}} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort}} name: {{.Values.config.dmaapDrProv.name}} + {{- end}} - port: {{.Values.config.dmaapDrProv.externalPort2}} targetPort: {{.Values.config.dmaapDrProv.internalPort2}} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort2}} diff --git a/kubernetes/dmaap/components/message-router/templates/service.yaml b/kubernetes/dmaap/components/message-router/templates/service.yaml index dfd90b28f2..1bce881a8e 100644 --- a/kubernetes/dmaap/components/message-router/templates/service.yaml +++ b/kubernetes/dmaap/components/message-router/templates/service.yaml @@ -39,9 +39,11 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} + {{- if .Values.global.allow_http }} - port: {{ .Values.service.externalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName }}-{{ .Values.service.externalPort }} + {{- end}} - port: {{ .Values.service.externalPort2 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} name: {{ .Values.service.portName }}-{{ .Values.service.externalPort2 }} diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index aa5165d443..333a3e3f6d 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -23,6 +23,10 @@ global: loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 clientImage: onap/dmaap/dbc-client:1.0.9 + +#Global DMaaP app config + allow_http: false + # application configuration config: logstashServiceName: log-ls diff --git a/kubernetes/msb/charts/msb-discovery/values.yaml b/kubernetes/msb/charts/msb-discovery/values.yaml index d0e9d96ce7..bc279e0dcb 100644 --- a/kubernetes/msb/charts/msb-discovery/values.yaml +++ b/kubernetes/msb/charts/msb-discovery/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_discovery:1.2.3-STAGING-latest +image: onap/msb/msb_discovery:1.2.3 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/msb/charts/msb-eag/values.yaml b/kubernetes/msb/charts/msb-eag/values.yaml index e58e51bacb..e8b28ac2f2 100644 --- a/kubernetes/msb/charts/msb-eag/values.yaml +++ b/kubernetes/msb/charts/msb-eag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.4-STAGING-latest +image: onap/msb/msb_apigateway:1.2.4 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/msb/charts/msb-iag/values.yaml b/kubernetes/msb/charts/msb-iag/values.yaml index d091a84164..6008cea479 100644 --- a/kubernetes/msb/charts/msb-iag/values.yaml +++ b/kubernetes/msb/charts/msb-iag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.4-STAGING-latest +image: onap/msb/msb_apigateway:1.2.4 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/multicloud/Makefile b/kubernetes/multicloud/Makefile new file mode 100644 index 0000000000..fde29904c7 --- /dev/null +++ b/kubernetes/multicloud/Makefile @@ -0,0 +1,18 @@ +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +make-multicloud: make-multicloud-k8s + +make-multicloud-k8s: + cd charts && helm dep up multicloud-k8s && helm lint multicloud-k8s diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/.helmignore b/kubernetes/multicloud/charts/multicloud-fcaps/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-fcaps/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/Chart.yaml b/kubernetes/multicloud/charts/multicloud-fcaps/Chart.yaml new file mode 100644 index 0000000000..ac5e8172f0 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-fcaps/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright (c) 2019, CMCC Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP multicloud OpenStack fcaps Plugin +name: multicloud-fcaps +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml new file mode 100644 index 0000000000..dced27d69f --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-fcaps/resources/config/log/log.yml @@ -0,0 +1,47 @@ +# Copyright (c) 2019, CMCC Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +version: 1 +disable_existing_loggers: False + +loggers: + fcaps: + handlers: [fcaps_handler] + level: "DEBUG" + propagate: False + newton_base: + handlers: [fcaps_handler] + level: "DEBUG" + propagate: False + common: + handlers: [fcaps_handler] + level: "DEBUG" + propagate: False + +handlers: + fcaps_handler: + level: "DEBUG" + class: "logging.handlers.RotatingFileHandler" + filename: "/var/log/onap/multicloud/openstack/fcaps/fcaps.log" + formatter: "mdcFormat" + maxBytes: 1024*1024*50 + backupCount: 10 + +formatters: + standard: + format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s" + mdcFormat: + format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t" + mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}" + datefmt: "%Y-%m-%d %H:%M:%S" + (): onaplogging.mdcformatter.MDCFormatter diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-fcaps/templates/NOTES.txt new file mode 100644 index 0000000000..ae62a4f604 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-fcaps/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright (c) 2019, CMCC Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-fcaps/templates/configmap.yaml new file mode 100644 index 0000000000..fce36dc5aa --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-fcaps/templates/configmap.yaml @@ -0,0 +1,28 @@ +{{/* +# Copyright (c) 2019, CMCC Technologies Co., Ltd. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-fcaps/templates/deployment.yaml new file mode 100644 index 0000000000..f9abfc1695 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-fcaps/templates/deployment.yaml @@ -0,0 +1,113 @@ +{{/* +# Copyright (c) 2019, CMCC Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + annotations: + sidecar.istio.io/inject: "{{.Values.istioSidecar}}" + spec: + containers: + - env: + - name: MSB_ADDR + value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" + - name: MSB_PORT + value: "{{ .Values.config.msbPort }}" + - name: AAI_ADDR + value: aai.{{ include "common.namespace" . }} + - name: AAI_PORT + value: "{{ .Values.config.aai.port }}" + - name: AAI_SCHEMA_VERSION + value: "{{ .Values.config.aai.schemaVersion }}" + - name: AAI_USERNAME + value: "{{ .Values.config.aai.username }}" + - name: AAI_PASSWORD + value: "{{ .Values.config.aai.password }}" + name: {{ include "common.name" . }} + volumeMounts: + - mountPath: /var/log/onap + name: fcaps-log + - mountPath: /opt/fcaps/fcaps/pub/config/log.yml + name: fcaps-logconfig + subPath: log.yml + resources: +{{ include "common.resources" . | indent 12 }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + httpGet: + path: /api/multicloud-fcaps/v1/healthcheck + port: {{ .Values.service.internalPort }} + scheme: HTTP + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} + {{ end }} + # side car containers + - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: fcaps-log + - mountPath: /usr/share/filebeat/data + name: fcaps-data-filebeat + - image: {{ .Values.rabbitmq }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: rabbit-mq + + volumes: + - name: fcaps-log + emptyDir: {} + - name: fcaps-data-filebeat + emptyDir: {} + - name: filebeat-conf + configMap: + name: multicloud-filebeat-configmap + - name: fcaps-logconfig + configMap: + name: {{ include "common.fullname" . }}-log-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Always
\ No newline at end of file diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-fcaps/templates/service.yaml new file mode 100644 index 0000000000..ac3a8408c2 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-fcaps/templates/service.yaml @@ -0,0 +1,60 @@ +{{/* +# Copyright (c) 2019, CMCC Technologies Co., Ltd. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "multicloud-fcaps", + "version": "v0", + "url": "/api/multicloud-fcaps/v0", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + }, + { + "serviceName": "multicloud-fcaps", + "version": "v1", + "url": "/api/multicloud-fcaps/v1", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + } + ]' +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/kubernetes/multicloud/charts/multicloud-fcaps/values.yaml b/kubernetes/multicloud/charts/multicloud-fcaps/values.yaml new file mode 100644 index 0000000000..e856e12a24 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-fcaps/values.yaml @@ -0,0 +1,90 @@ +# Copyright (c) 2019, CMCC Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefixExt: 304 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/multicloud/openstack-fcaps:1.3.2 +pullPolicy: Always + +#Istio sidecar injection policy +istioSidecar: false + +# application configuration +config: + msbgateway: msb-iag + msbPort: 80 + aai: + port: 8443 + schemaVersion: v13 + username: AAI + password: AAI + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 5 + enabled: true + +service: + type: NodePort + name: multicloud-fcaps + portName: multicloud-fcaps + externalPort: 9011 + internalPort: 9011 + nodePort: 87 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi + unlimited: {} + +# rabbit-mq image resource +rabbitmq: rabbitmq:alpine diff --git a/kubernetes/multicloud/charts/multicloud-k8s/Chart.yaml b/kubernetes/multicloud/charts/multicloud-k8s/Chart.yaml new file mode 100644 index 0000000000..5a73ee32b4 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Multicloud Kubernetes Plugin +name: multicloud-k8s +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-k8s/requirements.yaml b/kubernetes/multicloud/charts/multicloud-k8s/requirements.yaml new file mode 100644 index 0000000000..566af50cfe --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/requirements.yaml @@ -0,0 +1,25 @@ +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + - name: mongo + version: ~4.x-0 + repository: '@local' + diff --git a/kubernetes/multicloud/charts/multicloud-k8s/resources/config/k8sconfig.json b/kubernetes/multicloud/charts/multicloud-k8s/resources/config/k8sconfig.json new file mode 100644 index 0000000000..e451421a5b --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/resources/config/k8sconfig.json @@ -0,0 +1,10 @@ +{ + "ca-file": "/opt/multicloud/k8splugin/certs/root_ca.cer", + "server-cert": "/opt/multicloud/k8splugin/certs/multicloud-k8s.pub", + "server-key": "/opt/multicloud/k8splugin/certs/multicloud-k8s.pr", + "password": "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA==", + + "database-type": "mongo", + "database-address": "multicloud-k8s-mongo", + "plugin-dir": "/opt/multicloud/k8splugin/plugins" +}
\ No newline at end of file diff --git a/kubernetes/multicloud/charts/multicloud-k8s/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-k8s/templates/configmap.yaml new file mode 100644 index 0000000000..c9d55fedf3 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/templates/configmap.yaml @@ -0,0 +1,28 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/multicloud/charts/multicloud-k8s/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-k8s/templates/deployment.yaml new file mode 100644 index 0000000000..846a751336 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/templates/deployment.yaml @@ -0,0 +1,80 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }} + command: ["/opt/multicloud/k8splugin/k8plugin"] + workingDir: /opt/multicloud/k8splugin + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/multicloud/k8splugin/k8sconfig.json + name: {{ include "common.name" .}} + subPath: k8sconfig.json + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }} + configMap: + name: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/multicloud/charts/multicloud-k8s/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-k8s/templates/service.yaml new file mode 100644 index 0000000000..eaf9f4dee5 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/templates/service.yaml @@ -0,0 +1,52 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "multicloud-k8s", + "version": "v1", + "url": "/", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.PortName }} + {{if eq .Values.service.type "NodePort" -}} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + protocol: TCP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/multicloud/charts/multicloud-k8s/values.yaml b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml new file mode 100644 index 0000000000..15aade560d --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-k8s/values.yaml @@ -0,0 +1,108 @@ +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefixExt: 304 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/multicloud/k8s:0.1.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration is via config files + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 30 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 30 + +service: + type: ClusterIP + name: multicloud-k8s + portName: multicloud-k8s + internalPort: 9015 + externalPort: 9015 + nodePort: 98 + +#Mongo chart overrides for k8splugin +mongo: + nameOverride: multicloud-k8s-mongo + service: + name: multicloud-k8s-mongo + internalPort: 27017 + nfsprovisionerPrefix: multicloud-k8s + sdnctlPrefix: multicloud-k8s + persistence: + mountSubPath: multicloud-k8s/mongo/data + enabled: true + disableNfsProvisioner: true + + +# No persistence right now as we rely on Mongo to handle that +persistence: + enabled: false + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: multicloud-k8s/data + +ingress: + enabled: false + +# Configure resource requests and limits +flavor: large +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml index 53ce0d0ed6..de77ed07a9 100644 --- a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-ocata:1.3.1 +image: onap/multicloud/openstack-ocata:1.3.2 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-pike/values.yaml b/kubernetes/multicloud/charts/multicloud-pike/values.yaml index 42aa7ca9e8..424188724c 100644 --- a/kubernetes/multicloud/charts/multicloud-pike/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-pike/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-pike:1.3.1 +image: onap/multicloud/openstack-pike:1.3.2 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/config.json b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/config.json new file mode 100644 index 0000000000..d62fec6d85 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/config.json @@ -0,0 +1,70 @@ +{ + "name":"SDCDistributionGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":9014, + "userName":"healthcheck", + "password":"zb!XztG34", + "https":true + }, + "receptionHandlerParameters":{ + "SDCReceptionHandler":{ + "receptionHandlerType":"SDC", + "receptionHandlerClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandler", + "receptionHandlerConfigurationName":"sdcConfiguration", + "pluginHandlerParameters":{ + "artifactForwarders":{ + "PAPEngineForwarder":{ + "forwarderType":"PAPEngine", + "forwarderClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarder", + "forwarderConfigurationName": "k8sConfiguration" + } + } + } + } + }, + "receptionHandlerConfigurationParameters":{ + "sdcConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup", + "parameters":{ + "asdcAddress": "sdc-be:8443", + "messageBusAddress": [ + "message-router" + ], + "user": "policy", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U", + "pollingInterval":20, + "pollingTimeout":30, + "consumerId": "policy-id", + "artifactTypes": [ + "TOSCA_CSAR", + "HEAT", + "HEAT_ENV", + "CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACT" + ], + "consumerGroup": "policy-group", + "environmentName": "AUTO", + "keystorePath": "null", + "keystorePassword": "null", + "activeserverTlsAuth": false, + "isFilterinEmptyResources": true, + "isUseHttpsWithDmaap": false + } + } + }, + "artifactForwarderConfigurationParameters":{ + "k8sConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarderParameterGroup", + "parameters":{ + "useHttps": true, + "hostname": "pdp", + "port": 8081, + "userName": "testpdp", + "password": "alpha123", + "clientAuth": "cHl0aG9uOnRlc3Q=", + "isManaged": true, + "pdpGroup": "default" + } + } + } +} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml index 0ccc3f9f95..62bacd7da5 100644 --- a/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml @@ -61,6 +61,8 @@ spec: - mountPath: /opt/starlingx/starlingx/pub/config/log.yml name: starlingx-logconfig subPath: log.yml + - mountPath: /opt/artifacts/ + name: artifact-data resources: {{ include "common.resources" . | indent 12 }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -93,6 +95,19 @@ spec: name: starlingx-log - mountPath: /usr/share/filebeat/data name: starlingx-data-filebeat + - image: "{{ include "common.repository" . }}/{{ .Values.global.artifactImage }}" + name: framework-artifactbroker + command: ["/opt/app/distribution/bin/artifact-dist.sh"] + args: ["/opt/app/distribution/etc/mounted/config.json"] + ports: + - containerPort: 9014 + protocol: TCP + volumeMounts: + - mountPath: /opt/app/distribution/etc/mounted/config.json + name: starlingx-logconfig + subPath: config.json + - mountPath: /data + name: artifact-data volumes: - name: starlingx-log @@ -105,6 +120,8 @@ spec: - name: starlingx-logconfig configMap: name: {{ include "common.fullname" . }}-log-configmap + - name: artifact-data + emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml index 723d77d6cb..32dcb8fc61 100644 --- a/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-starlingx:1.3.1 +image: onap/multicloud/openstack-starlingx:1.3.2 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/config.json b/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/config.json new file mode 100644 index 0000000000..d62fec6d85 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-windriver/resources/config/log/config.json @@ -0,0 +1,70 @@ +{ + "name":"SDCDistributionGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":9014, + "userName":"healthcheck", + "password":"zb!XztG34", + "https":true + }, + "receptionHandlerParameters":{ + "SDCReceptionHandler":{ + "receptionHandlerType":"SDC", + "receptionHandlerClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandler", + "receptionHandlerConfigurationName":"sdcConfiguration", + "pluginHandlerParameters":{ + "artifactForwarders":{ + "PAPEngineForwarder":{ + "forwarderType":"PAPEngine", + "forwarderClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarder", + "forwarderConfigurationName": "k8sConfiguration" + } + } + } + } + }, + "receptionHandlerConfigurationParameters":{ + "sdcConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup", + "parameters":{ + "asdcAddress": "sdc-be:8443", + "messageBusAddress": [ + "message-router" + ], + "user": "policy", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U", + "pollingInterval":20, + "pollingTimeout":30, + "consumerId": "policy-id", + "artifactTypes": [ + "TOSCA_CSAR", + "HEAT", + "HEAT_ENV", + "CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACT" + ], + "consumerGroup": "policy-group", + "environmentName": "AUTO", + "keystorePath": "null", + "keystorePassword": "null", + "activeserverTlsAuth": false, + "isFilterinEmptyResources": true, + "isUseHttpsWithDmaap": false + } + } + }, + "artifactForwarderConfigurationParameters":{ + "k8sConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarderParameterGroup", + "parameters":{ + "useHttps": true, + "hostname": "pdp", + "port": 8081, + "userName": "testpdp", + "password": "alpha123", + "clientAuth": "cHl0aG9uOnRlc3Q=", + "isManaged": true, + "pdpGroup": "default" + } + } + } +} diff --git a/kubernetes/multicloud/charts/multicloud-windriver/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-windriver/templates/deployment.yaml index 99b1ea9557..e6f1456874 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/templates/deployment.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/templates/deployment.yaml @@ -62,6 +62,8 @@ spec: - mountPath: /opt/windriver/titanium_cloud/pub/config/log.yml name: windriver-logconfig subPath: log.yml + - mountPath: /opt/artifacts/ + name: artifact-data resources: {{ include "common.resources" . | indent 12 }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -94,6 +96,19 @@ spec: name: windriver-log - mountPath: /usr/share/filebeat/data name: windriver-data-filebeat + - image: "{{ include "common.repository" . }}/{{ .Values.global.artifactImage }}" + name: framework-artifactbroker + command: ["/opt/app/distribution/bin/artifact-dist.sh"] + args: ["/opt/app/distribution/etc/mounted/config.json"] + ports: + - containerPort: 9014 + protocol: TCP + volumeMounts: + - mountPath: /opt/app/distribution/etc/mounted/config.json + name: windriver-logconfig + subPath: config.json + - mountPath: /data + name: artifact-data volumes: - name: windriver-log @@ -106,6 +121,8 @@ spec: - name: windriver-logconfig configMap: name: {{ include "common.fullname" . }}-log-configmap + - name: artifact-data + emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml index 8a6acbd05f..4b8b76356c 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-windriver:1.3.1 +image: onap/multicloud/openstack-windriver:1.3.2 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml index 6188e43fb7..889c06bd47 100644 --- a/kubernetes/multicloud/values.yaml +++ b/kubernetes/multicloud/values.yaml @@ -20,6 +20,7 @@ global: nodePortPrefix: 302 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + artifactImage: onap/multicloud/framework-artifactbroker:1.3.1 prometheus: enabled: false diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml index be32774bc1..56d3ad65c8 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml @@ -97,6 +97,7 @@ ingress: # ref: http://kubernetes.io/docs/user-guide/compute-resources/ # Minimum memory for development is 2 CPU cores and 4GB memory # Minimum memory for production is 4 CPU cores and 8GB memory +flavor: small resources: small: limits: diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml index f4d3ffb8ff..bdaa948be9 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml @@ -97,6 +97,7 @@ ingress: # ref: http://kubernetes.io/docs/user-guide/compute-resources/ # Minimum memory for development is 2 CPU cores and 4GB memory # Minimum memory for production is 4 CPU cores and 8GB memory +flavor: small resources: small: limits: diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml index 7c687f521b..84535be35d 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml @@ -84,6 +84,7 @@ ingress: # ref: http://kubernetes.io/docs/user-guide/compute-resources/ # Minimum memory for development is 2 CPU cores and 4GB memory # Minimum memory for production is 4 CPU cores and 8GB memory +flavor: small resources: small: limits: diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml index 0d50827dcb..70b0b61ee7 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml @@ -82,6 +82,7 @@ ingress: # ref: http://kubernetes.io/docs/user-guide/compute-resources/ # Minimum memory for development is 2 CPU cores and 4GB memory # Minimum memory for production is 4 CPU cores and 8GB memory +flavor: small resources: small: limits: diff --git a/kubernetes/oof/charts/oof-cmso/values.yaml b/kubernetes/oof/charts/oof-cmso/values.yaml index c4985df5a1..c97138bded 100644 --- a/kubernetes/oof/charts/oof-cmso/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/values.yaml @@ -42,8 +42,10 @@ global: loggingImage: beats/filebeat:5.5.0 keystorePassword: N{$tSp*U)RQzjqE;)%4z;Pv[ truststorePassword: - authentication: aaf-auth - + authentication: aaf-auth + +flavor: small + config: log: logstashServiceName: log-ls diff --git a/kubernetes/oof/resources/config/common_config.yaml b/kubernetes/oof/resources/config/common_config.yaml new file mode 100644 index 0000000000..03972a7e1f --- /dev/null +++ b/kubernetes/oof/resources/config/common_config.yaml @@ -0,0 +1,82 @@ +osdf_system: + libpath: /opt/app/osdf/libs + osdf_ports: + internal: 8699 # inside the Docker container, the app listens to this port + external: 8698 # clients use this port on DockerHost + osdf_ip_default: 0.0.0.0 +# # Important Note: At deployment time, we need to ensure the port mapping is done + ssl_context: ['/opt/app/ssl_cert/org.onap.oof.crt', '/opt/app/ssl_cert/org.onap.oof.key'] + +osdf_temp: # special configuration required for "workarounds" or testing + local_policies: + global_disabled: True + local_placement_policies_enabled: True + placement_policy_dir_vcpe: "./test/policy-local-files/" + placement_policy_files_vcpe: # workaroud for policy platform glitches (or "work-arounds" for other components) + - Affinity_vCPE_1.json + #- Capacity_vGMuxInfra.json + #- Capacity_vG_1.json + - Distance_vG_1.json + - Distance_vGMuxInfra_1.json + - hpa_policy_vG_1.json + - hpa_policy_vGMuxInfra_1.json + - Placement_Optimization_1.json + - QueryPolicy_vCPE.json + - vnfPolicy_vG.json + - vnfPolicy_vGMuxInfra.json + placement_policy_dir_vfw: "./test/policy-local-files/" + placement_policy_files_vfw: # workaroud for policy platform glitches (or "work-arounds" for other components) + #- Capacity_vFW_1.json + - Distance_vFW_1.json + - hpa_policy_vFW_1.json + - Placement_Optimization_1.json + - QueryPolicy_vFW.json + - vnfPolicy_vFW.json + placement_policy_dir_vfw_td: "./test/policy-local-files/" + placement_policy_files_vfw_td: + - vnfPolicy_vFW_TD.json + - vnfPolicy_vPGN_TD.json + - affinity_vFW_TD.json + - QueryPolicy_vFW_TD.json +service_info: + vCPE: + vcpeHostName: requestParameters.vcpeHostName + e2eVpnKey: requestParameters.e2eVpnKey + vFW: + vcpeHostName: requestParameters.vcpeHostName + e2eVpnKey: requestParameters.e2eVpnKey + +references: + service_name: + source: request + value: serviceInfo.serviceName + subscriber_role: + source: SubscriberPolicy + value: content.properties.subscriberRole + +policy_info: + prioritization_attributes: + policy_type: + - content.policyType + resources: + - content.resources + - content.objectiveParameter.parameterAttributes.resources + service_name: + - content.serviceName + + placement: + policy_fetch: by_scope + policy_scope: + default_scope: OSDF_CASABLANCA + vcpe_scope: OSDF_CASABLANCA + vfw_scope: OSDF_DUBLIN + secondary_scopes: + - + - get_param: service_name + - US + # - + # - get_param: service_name + # - get_param: subscriber_role + default: # if no explicit service related information is needed + policy_fetch: by_name + policy_scope: none diff --git a/kubernetes/oof/resources/config/org.onap.oof.crt b/kubernetes/oof/resources/config/org.onap.oof.crt new file mode 100644 index 0000000000..224d39375b --- /dev/null +++ b/kubernetes/oof/resources/config/org.onap.oof.crt @@ -0,0 +1,86 @@ +-----BEGIN CERTIFICATE----- +MIIEkTCCA3mgAwIBAgIIfDQFJU4qiGIwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp +bnRlcm1lZGlhdGVDQV85MB4XDTE5MDUwOTAzMzYxN1oXDTIwMDUwOTAzMzYxN1ow +fjEkMCIGA1UEAwwbb29mLmFwaS5zaW1wbGVkZW1vLm9uYXAub3JnMQ8wDQYJKoZI +hvcNAQkBFgAxGTAXBgNVBAsMEG9vZkBvb2Yub25hcC5vcmcxDjAMBgNVBAsMBU9T +QUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAIVFAR2i+qXd4hYeiXiTgoTyHeZQt0ndSq1aJ/tsiPEz +cH3/egq2nYGzC9zccDip8Vyd8uP54hw6OD8ulgssuxrRUppR0TcNp7TPzNIYbnOI +hjxU4XHCUQbhH4lt8+KVZDGCeWuDOTKXMZ2ZDj/WUcHXJA+2XDpUY6Gdg4K8+Mgu +CIOzqTkLl0Nz1a0FopZkSjf8nF0R1hf7XtbQorywLz7RL++nEh1a+vDkmVcSmLyW +fhI2uteuRFg3v9Y+Ebkp37QZ4oTpAjSyUKbvKuE0dhRvoTSRmjIxKFxiGrQBrMyJ +S3eQJR6USuRhxk2fZx9jTTPiVS5QotoTOO0C2xw9sBsCAwEAAaOCAUgwggFEMAkG +A1UdEwQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMB +BggrBgEFBQcDAjBUBgNVHSMETTBLgBSB95lbELnIjN7zUl7qTmmgQz6s3aEwpC4w +LDEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAxCzAJBgNVBAYTAlVTggEH +MB0GA1UdDgQWBBSaLxp34n5RCgXcMF4JKn+Z+HqMRTCBjwYDVR0RBIGHMIGEghtv +b2YuYXBpLnNpbXBsZWRlbW8ub25hcC5vcmeCCWNtc28tb25hcIIcY21zby5hcGku +c2ltcGxlZGVtby5vbmFwLm9yZ4IJY21zby5vbmFwggtvb2YtaGFzLWFwaYIQb29m +LWhhcy1hcGkub25hcIIIb29mLW9uYXCCCG9vZi5vbmFwMA0GCSqGSIb3DQEBCwUA +A4IBAQBarLs2rX/Av0CevlVcvGi73CsvBCtS18jz4Bj/cxuIDZzEHXtOoUmJ8FrI +9sG2cyZlqCBcND67VJfXsd34amhORnAwzzOjZGWgqvNfP9ayT/Ai1IAeBC0q33vu +h7v7wgV/cbZ+uNeU6ubN47JaW0pw6q7IBIhbTtnmBC+JmM0MLXt/zdU+/mbHEq7N +X+1AHDfM7VTzGrDTLt9DEX2tpBlj7l46Xp6UXWlbXUk2cHVzhNrhdgGDPHVs1MRT +ts3PvNAKyo1zHBRRS0asLVSes0Fge1O6x4RD5vbvFQxhawZsrvS2RRrLiCJNoMP3 +BiU0GD9vLvQy2SB+xBER57WuBsas +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN +MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL +neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d +o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3 +nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV +v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO +15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw +gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV +M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q +ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl +u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+ ++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/ +QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht +8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX +kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3 +aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky +uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w +tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep +BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- + + diff --git a/kubernetes/oof/resources/config/org.onap.oof.key b/kubernetes/oof/resources/config/org.onap.oof.key new file mode 100644 index 0000000000..a261fda9ed --- /dev/null +++ b/kubernetes/oof/resources/config/org.onap.oof.key @@ -0,0 +1,29 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCFRQEdovql3eIW +Hol4k4KE8h3mULdJ3UqtWif7bIjxM3B9/3oKtp2Bswvc3HA4qfFcnfLj+eIcOjg/ +LpYLLLsa0VKaUdE3Dae0z8zSGG5ziIY8VOFxwlEG4R+JbfPilWQxgnlrgzkylzGd +mQ4/1lHB1yQPtlw6VGOhnYOCvPjILgiDs6k5C5dDc9WtBaKWZEo3/JxdEdYX+17W +0KK8sC8+0S/vpxIdWvrw5JlXEpi8ln4SNrrXrkRYN7/WPhG5Kd+0GeKE6QI0slCm +7yrhNHYUb6E0kZoyMShcYhq0AazMiUt3kCUelErkYcZNn2cfY00z4lUuUKLaEzjt +AtscPbAbAgMBAAECggEAUSSNpFzaXel2Qd9/9kFiQ84jNFtK7hdl45y0IVqZGrsm +MCFATouX5SN+ApDZZzbZ9XlaLUK1UFiGbLnRs6Ydmht/PuS4DNwsk2O+ouErRv8G +NG++AIS+zwB9MjEXQIuTQK3fff2c8tep5voM+gNlLi/vDf4Ls5w0OW/tZcnndAHp +qpepSMd29gIwi9nViCD11k32UdQ7oAb7pB+RXleol1181945reuuvzIqfGamvfhl +TXdGO3GT7bSiy0q2iFGiAeEBfCNqYs3ptJrDrUSiPD7CZOybUFxGfI8lnrW/yvya +FrwIZuOkLdnCDssXsFzWz08NJ8sr2/HZZBgl9nbFoQKBgQDHVwq244eyUtNalRvZ +HPiRewSwp4A1pYBzk5DmcYLgKrXUlukYy7pKr8VoH899iWVPzWKqNkHavV2KvcSr +4dyNnEytAKiBqcb4piAzajgWG+m27WvITDF2zJhzx+91E1tngtyjKNzAHWG57A/W +S3H4Cm2eidXe6lKURL0RJ4QLcQKBgQCrJlnyPCf3qfcHkXW/EYlzmJMDSasgLEBl +/dthVZ8QRshooyzJTCckN2PXO+mbuarwmnjtb8ZS/PzPSZ7cAKfZOHgzWOPM5I45 +n0axJmrSZ+dUz270q8R1sVfqd0/jH4LjwuCQMKZmN+UpTijA2hKVWUCxcML7KtXT +QP3TQSy2SwKBgDlPgxsVy3uvaGiQmhMPyz84WR7Y6XmC/a087dnzJKeCYAig4p9o +Y0T5yA2pp6P2DpSk/grl0oUrEGvFJ3grVZe5KipLGCc/Qp9WU8e0cC+bEtSu6eAK +V+ZJ6ELRZr0INa1K6FhYdS8ew2wKvHrl8fxYMy/zfPO79sX+BUWbUNFhAoGAK5FQ +tkw/9FjM7J1HtwLU1ZtSWTTongEFx7DOpsFwA2mxXImlPfznvd1nygOTXTPvYt4/ +yFl6x+dkx7O6/9Ae6jnox1Fqc97+oYZ9LV1VNgiDJ+DCIwCSu08QzTvgFzYPUMFr +/uiTg1PZPyGJWEZrEp+syz6kM+HcmrFhq+RcaG8CgYEAtgHnJWL3v9r1jTP1YLRm +C7tXJ5a/xs3+KuM6vmSpAwkDvV50RK07ypGZqWsG2ewjUqxpAOeoiMn0dRRGP324 +yNCXUWjTVFbzdtzOQuOZVnEeje3K8xHUS3kv9zm1TgMbCRJgvc1THXhderiBShOK +ATP2Y7+WNByxs+TXGI//cFQ= +-----END PRIVATE KEY----- + diff --git a/kubernetes/oof/resources/config/osdf_config.yaml b/kubernetes/oof/resources/config/osdf_config.yaml index fea3d908cf..4dd3097918 100755 --- a/kubernetes/oof/resources/config/osdf_config.yaml +++ b/kubernetes/oof/resources/config/osdf_config.yaml @@ -60,7 +60,7 @@ osdfCMSchedulerUsername: {{ .Values.config.osdfCMSchedulerUsername }} osdfCMSchedulerPassword: {{ .Values.config.osdfCMSchedulerPassword }} is_aaf_enabled: {{ .Values.config.is_aaf_enabled }} -aaf_cache_expiry_hrs: {{ .Values.config.aaf_cache_expiry_hrs }} +aaf_cache_expiry_mins: {{ .Values.config.aaf_cache_expiry_mins }} aaf_url: {{ .Values.config.aaf_url }} aaf_user_roles: {{- range .Values.config.aaf_user_roles }} diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml index d4558b72dd..3c5306e644 100644 --- a/kubernetes/oof/templates/deployment.yaml +++ b/kubernetes/oof/templates/deployment.yaml @@ -95,6 +95,15 @@ spec: - mountPath: /opt/app/ssl_cert/aaf_root_ca.cer name: {{ include "common.fullname" . }}-config subPath: aaf_root_ca.cer + - mountPath: /opt/app/ssl_cert/org.onap.oof.crt + name: {{ include "common.fullname" . }}-config + subPath: org.onap.oof.crt + - mountPath: /opt/app/ssl_cert/org.onap.oof.key + name: {{ include "common.fullname" . }}-config + subPath: org.onap.oof.key + - mountPath: /opt/osdf/config/common_config.yaml + name: {{ include "common.fullname" . }}-config + subPath: common_config.yaml resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -118,5 +127,11 @@ spec: path: osdf_config.yaml - key: aaf_root_ca.cer path: aaf_root_ca.cer + - key: common_config.yaml + path: common_config.yaml + - key: org.onap.oof.crt + path: org.onap.oof.crt + - key: org.onap.oof.key + path: org.onap.oof.key imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml index 06c190cc7a..5099091b4a 100644 --- a/kubernetes/oof/values.yaml +++ b/kubernetes/oof/values.yaml @@ -49,7 +49,7 @@ config: soUsername: "" # SO username for call back. soPassword: "" # SO password for call back. # Url and credentials for Conductor. - conductorUrl: http://oof-has-api:8091/v1/plans/ + conductorUrl: https://oof-has-api:8091/v1/plans/ conductorUsername: admin1 conductorPassword: plan.15 conductorPingWaitTime: 60 @@ -87,10 +87,11 @@ config: osdfCMSchedulerPassword: testpwd1 #AAF Authentication is_aaf_enabled: False - aaf_cache_expiry_hrs: 3 + aaf_cache_expiry_mins: 5 aaf_url: https://aaf-service:8100 aaf_user_roles: - - '/api/oof/v1/placement:org.onap.osdf.access|*|read ALL' + - '/placement:org.onap.oof.access|*|read ALL' + - '/pci:org.onap.oof.access|*|read ALL' # Secret Management Service from AAF aaf_sms_url: https://aaf-sms aaf_sms_port: 10443 diff --git a/kubernetes/pomba/charts/pomba-data-router/values.yaml b/kubernetes/pomba/charts/pomba-data-router/values.yaml index 5d54f78dbb..ec70f4b619 100644 --- a/kubernetes/pomba/charts/pomba-data-router/values.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -27,7 +27,7 @@ global: # application image repository: nexus3.onap.org:10001 -image: onap/data-router:1.4-STAGING-latest +image: onap/data-router:1.3.3 pullPolicy: Always restartPolicy: Always diff --git a/kubernetes/pomba/charts/pomba-search-data/values.yaml b/kubernetes/pomba/charts/pomba-search-data/values.yaml index 0bb5c22c84..88f45e35c2 100644 --- a/kubernetes/pomba/charts/pomba-search-data/values.yaml +++ b/kubernetes/pomba/charts/pomba-search-data/values.yaml @@ -9,7 +9,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/search-data-service:1.4-STAGING-latest +image: onap/search-data-service:1.3.1 pullPolicy: Always restartPolicy: Always @@ -65,4 +65,4 @@ resources: requests: cpu: 100m memory: 1800Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/readiness/docker/init/Dockerfile b/kubernetes/readiness/docker/init/Dockerfile index 7214e04174..b060915354 100644 --- a/kubernetes/readiness/docker/init/Dockerfile +++ b/kubernetes/readiness/docker/init/Dockerfile @@ -1,17 +1,12 @@ -from ubuntu:16.04 +FROM python:2-alpine ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST" # Setup Corporate proxy ENV https_proxy ${HTTPS_PROXY} ENV http_proxy ${HTTP_PROXY} -# Additional packages -RUN apt-get update -RUN apt-get install -y apt-utils git wget curl dnsutils python python-pip jq net-tools coreutils vim - RUN pip install requests pyyaml kubernetes - ENV CERT="/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" ENV TOKEN="/var/run/secrets/kubernetes.io/serviceaccount/token" @@ -21,4 +16,5 @@ RUN chmod a+x /root/ready.py COPY job_complete.py /root/job_complete.py RUN chmod a+x /root/job_complete.py -ENTRYPOINT /root/ready.py +ENTRYPOINT ["/root/ready.py"] +CMD [""]
\ No newline at end of file diff --git a/kubernetes/readiness/docker/init/job_complete.py b/kubernetes/readiness/docker/init/job_complete.py index 97d22da6c1..b20cb5adec 100644 --- a/kubernetes/readiness/docker/init/job_complete.py +++ b/kubernetes/readiness/docker/init/job_complete.py @@ -1,9 +1,10 @@ -#!/usr/bin/python +#!/usr/bin/env python import getopt import logging import os import sys import time +import random from kubernetes import client @@ -91,7 +92,8 @@ def main(argv): log.warning("timed out waiting for '" + job_name + "' to be completed") exit(1) else: - time.sleep(5) + # spread in time potentially parallel execution in multiple containers + time.sleep(random.randint(5, 11)) if __name__ == "__main__": main(sys.argv[1:])
\ No newline at end of file diff --git a/kubernetes/readiness/docker/init/ready.py b/kubernetes/readiness/docker/init/ready.py index 87c09a444c..0e133eab01 100644 --- a/kubernetes/readiness/docker/init/ready.py +++ b/kubernetes/readiness/docker/init/ready.py @@ -1,9 +1,10 @@ -#!/usr/bin/python +#!/usr/bin/env python import getopt import logging import os import sys import time +import random from kubernetes import client @@ -154,7 +155,8 @@ def main(argv): log.warning("timed out waiting for '" + container_name + "' to be ready") exit(1) else: - time.sleep(5) + # spread in time potentially parallel execution in multiple containers + time.sleep(random.randint(5, 11)) if __name__ == "__main__": main(sys.argv[1:]) diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index 453af8374e..0370bbc71d 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -120,11 +120,14 @@ GLOBAL_MSO_PASSWORD = '{{ .Values.soPassword }}' GLOBAL_MUSIC_SERVER_PROTOCOL = "http" GLOBAL_MUSIC_SERVER_PORT = "8080" # oof global info - everything is from the private oam network (also called onap private network) -GLOBAL_OOF_SERVER_PROTOCOL = "http" +GLOBAL_OOF_SERVER_PROTOCOL = "https" # oof-homing info - everything is from the private oam network (also called onap private network) GLOBAL_OOF_HOMING_SERVER_PORT = "8091" # oof-sniro info - everything is from the private oam network (also called onap private network) GLOBAL_OOF_SNIRO_SERVER_PORT = "8698" +#oof user +GLOBAL_OOF_OSDF_USERNAME="{{ .Values.oofUsername }}" +GLOBAL_OOF_OSDF_PASSWORD="{{ .Values.oofPassword }}" # oof cmso global info - everything is from the private oam network (also called onap private network) GLOBAL_OOF_CMSO_PROTOCOL = "https" GLOBAL_OOF_CMSO_SERVER_PORT = "8080" diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index 6a73d5bbfd..4c65c5b88b 100755 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -151,6 +151,12 @@ bcPassword: "demo123456!" kafkaJaasUsername: "admin" kafkaJaasPassword: "admin_secret" +#OOF +oofUsername: "oof@oof.onap.org" +oofPassword: "demo123456!" +cmsoUsername: "oof@oof.onap.org" +cmsoPassword: "demo123456!" + # default number of instances replicaCount: 1 diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml index c1babf3063..0be06f3985 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml @@ -51,6 +51,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml index 47145fc9ec..2134309f46 100644 --- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/gvnfmdriver:1.3.0 +image: onap/vfc/gvnfmdriver:1.3.1 pullPolicy: Always #Istio sidecar injection policy @@ -87,4 +87,4 @@ resources: requests: cpu: 200m memory: 500Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml index 8833a5a627..f68f0fc790 100644 --- a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/jujudriver:1.3.0 +image: onap/vfc/jujudriver:1.3.1 pullPolicy: Always #Istio sidecar injection policy @@ -88,4 +88,4 @@ resources: requests: cpu: 200m memory: 2000Mi - unlimited: {}
\ No newline at end of file + unlimited: {} diff --git a/kubernetes/vfc/charts/vfc-redis/values.yaml b/kubernetes/vfc/charts/vfc-redis/values.yaml index a134190412..6991f36adf 100644 --- a/kubernetes/vfc/charts/vfc-redis/values.yaml +++ b/kubernetes/vfc/charts/vfc-redis/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/db:1.3.0-STAGING-latest +image: onap/vfc/db:1.3.0 pullPolicy: Always # flag to enable debugging - application support required |