diff options
23 files changed, 80 insertions, 48 deletions
diff --git a/docs/sections/resources/yaml/environments_onap_demo.yaml b/docs/sections/resources/yaml/environments_onap_demo.yaml index 492e5d2ff1..acc395dac4 100644 --- a/docs/sections/resources/yaml/environments_onap_demo.yaml +++ b/docs/sections/resources/yaml/environments_onap_demo.yaml @@ -13,7 +13,7 @@ global: repository: nexus3.onap.org:10001 repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== # readiness check - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:6.0.2 # logging agent loggingRepository: docker.elastic.co diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 395d8d6b17..a24805b149 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -25,7 +25,7 @@ global: # global defaults dockerhubRepository: docker.io busyboxImage: busybox - readinessImage: onap/oom/readiness:5.0.1 + readinessImage: onap/oom/readiness:6.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml index 18963f94f0..ab0b21c5b6 100644 --- a/kubernetes/common/dgbuilder/templates/deployment.yaml +++ b/kubernetes/common/dgbuilder/templates/deployment.yaml @@ -61,8 +61,8 @@ spec: - command: - /app/ready.py args: - - --app-name - - {{ .Values.config.dbPodName }} + - --service-name + - {{ .Values.config.dbServiceName }} env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index c4dcb2f40e..68cb86bd7e 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -166,6 +166,13 @@ resources: memory: "4Gi" unlimited: {} +podAnnotations: + # Workarround to exclude K8S API from istio communication + # as init-container (readinessCheck) does not work with the + # Istio CNI plugin, see: + # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers) + traffic.sidecar.istio.io/excludeOutboundPorts: "443" + #Pods Service Account serviceAccount: nameOverride: dgbuilder diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml index 8919dc7a39..f77a8ec8ba 100644 --- a/kubernetes/common/etcd-init/templates/job.yaml +++ b/kubernetes/common/etcd-init/templates/job.yaml @@ -27,6 +27,12 @@ spec: backoffLimit: {{ .Values.backoffLimit }} template: metadata: + annotations: + # Workarround to exclude K8S API from istio communication + # as init-container (readinessCheck) does not work with the + # Istio CNI plugin, see: + # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers) + traffic.sidecar.istio.io/excludeOutboundPorts: "443" labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} @@ -37,8 +43,8 @@ spec: command: - /app/ready.py args: - - --container-name - - {{ .Values.etcd.containerName }} + - --service-name + - {{ .Values.etcd.serviceName }} env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 9f0a786282..f2128693e8 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -32,6 +32,13 @@ spec: jobTemplate: spec: template: + metadata: + annotations: + # Workarround to exclude K8S API from istio communication + # as init-container (readinessCheck) does not work with the + # Istio CNI plugin, see: + # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers) + traffic.sidecar.istio.io/excludeOutboundPorts: "443" spec: serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} {{ include "common.podSecurityContext" . | indent 10 | trim}} diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 29d643eb1e..9a27e605d8 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -329,8 +329,8 @@ backup: readinessCheck: wait_for: - apps: - - '{{ include "common.name" . }}' + services: + - '{{ include "common.servicename" . }}' ## TLS configuration ## diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index 88ff0e09c2..0edb8e936b 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -31,25 +31,18 @@ spec: backoffLimit: 20 template: metadata: + annotations: + # Workarround to exclude K8S API from istio communication + # as init-container (readinessCheck) does not work with the + # Istio CNI plugin, see: + # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers) + traffic.sidecar.istio.io/excludeOutboundPorts: "443" labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} name: {{ include "common.name" . }} spec: - initContainers: - {{- if .Values.global.mariadbGalera.localCluster }} - {{- if .Values.global.mariadbGalera.useOperator }} - {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_local_operator ) | indent 6 | trim }} - {{ else }} - {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_local ) | indent 6 | trim }} - {{- end }} - {{ else }} - {{- if .Values.global.mariadbGalera.useOperator }} - {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_global_operator ) | indent 6 | trim }} - {{ else }} - {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_global ) | indent 6 | trim }} - {{- end }} - {{- end }} + initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.image.mariadb" . }} diff --git a/kubernetes/common/mariadb-init/tests/job_test.yaml b/kubernetes/common/mariadb-init/tests/job_test.yaml index 170eaf3c96..31e04f0e2c 100644 --- a/kubernetes/common/mariadb-init/tests/job_test.yaml +++ b/kubernetes/common/mariadb-init/tests/job_test.yaml @@ -36,7 +36,7 @@ tests: content: mariadb-galera - equal: path: spec.template.spec.initContainers[0].image - value: nexus3.onap.org:10001/onap/oom/readiness:3.0.1 + value: nexus3.onap.org:10001/onap/oom/readiness:6.0.2 - equal: path: spec.template.spec.initContainers[0].imagePullPolicy value: IfNotPresent diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml index 5c181dded2..57dfb400c4 100644 --- a/kubernetes/common/mariadb-init/values.yaml +++ b/kubernetes/common/mariadb-init/values.yaml @@ -150,15 +150,6 @@ wait_for_job_container: - '{{ include "common.name" . }}' readinessCheck: - wait_for_global_operator: - pods: - - '{{ .Values.global.mariadbGalera.nameOverride }}-0' - wait_for_local_operator: - pods: - - '{{ index .Values "mariadb-galera" "nameOverride" }}-0' - wait_for_global: - apps: - - '{{ include "common.mariadbAppName" . }}' - wait_for_local: - apps: - - '{{ include "common.mariadbAppName" . }}' + wait_for: + services: + - '{{ include "common.mariadbService" . }}' diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index e028e39545..0b62705474 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -142,6 +142,13 @@ ingress: resources: {} +podAnnotations: + # Workarround to exclude K8S API from istio communication + # as init-container (readinessCheck) does not work with the + # Istio CNI plugin, see: + # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers) + traffic.sidecar.istio.io/excludeOutboundPorts: "443" + #Pods Service Account serviceAccount: nameOverride: network-name-gen diff --git a/kubernetes/common/postgres-init/templates/job.yaml b/kubernetes/common/postgres-init/templates/job.yaml index 6736559b81..348dda517a 100644 --- a/kubernetes/common/postgres-init/templates/job.yaml +++ b/kubernetes/common/postgres-init/templates/job.yaml @@ -28,6 +28,12 @@ spec: backoffLimit: 20 template: metadata: + annotations: + # Workarround to exclude K8S API from istio communication + # as init-container (readinessCheck) does not work with the + # Istio CNI plugin, see: + # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers) + traffic.sidecar.istio.io/excludeOutboundPorts: "443" labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/common/postgres-init/values.yaml b/kubernetes/common/postgres-init/values.yaml index d2eb090142..160e6720ed 100644 --- a/kubernetes/common/postgres-init/values.yaml +++ b/kubernetes/common/postgres-init/values.yaml @@ -19,6 +19,7 @@ global: postgres: service: name: pgset + name2: tcp-pgset-primary container: name: postgres @@ -98,7 +99,8 @@ serviceAccount: readinessCheck: wait_for: - - '{{ .Values.global.postgres.container.name }}' + services: + - '{{ .Values.global.postgres.service.name2 }}' wait_for_job_container: containers: diff --git a/kubernetes/common/readinessCheck/Chart.yaml b/kubernetes/common/readinessCheck/Chart.yaml index a53c7ab980..bb2986a9fb 100644 --- a/kubernetes/common/readinessCheck/Chart.yaml +++ b/kubernetes/common/readinessCheck/Chart.yaml @@ -17,7 +17,7 @@ apiVersion: v2 description: Template used to wait for other deployment/sts/jobs in onap name: readinessCheck -version: 13.0.0 +version: 13.1.0 dependencies: - name: common diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl index 879be1288f..51791fec13 100644 --- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl +++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl @@ -42,6 +42,14 @@ pods: - test-pod + the powerful one allows also to wait for a service to be + available, which means all pods are deployed, which are + selected by the service definition: + wait_for: + name: myservice + services: + - mariadb-galera-service + the powerful one allows also to wait for pods with the given "app" label: wait_for: @@ -62,8 +70,8 @@ - .dot : environment (.) - .initRoot : the root dictionary of readinessCheck submodule (default to .Values.readinessCheck) - - .wait_for : list of containers / pods /apps / jobs to wait for (default to - .Values.wait_for) + - .wait_for : list of service / containers / pods /apps / jobs to wait for + (default to .Values.wait_for) Example calls: {{ include "common.readinessCheck.waitFor" . }} @@ -76,6 +84,7 @@ {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} {{- $wait_for := default $initRoot.wait_for .wait_for -}} {{- $containers := index (ternary (dict "containers" $wait_for) $wait_for (kindIs "slice" $wait_for)) "containers" -}} +{{- $services := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "services" -}} {{- $pods := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "pods" -}} {{- $apps := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "apps" -}} {{- $namePart := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "name" -}} @@ -97,6 +106,10 @@ - --pod-name - {{ tpl $pod $dot }} {{- end }} + {{- range $service := default (list) $services }} + - --service-name + - {{ tpl $service $dot }} + {{- end }} {{- range $app := default (list) $apps }} - --app-name - {{ tpl $app $dot }} diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 03ffddafd1..3b1acd9946 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -39,10 +39,10 @@ global: mariadbImage: bitnami/mariadb:10.5.8 nginxImage: bitnami/nginx:1.21.4 postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 - readinessImage: onap/oom/readiness:5.0.1 + readinessImage: onap/oom/readiness:6.0.2 dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 drProvClientImage: onap/dmaap/datarouter-prov-client:2.1.15 - quitQuitImage: onap/oom/readiness:5.0.1 + quitQuitImage: onap/oom/readiness:6.0.2 # Default credentials # they're optional. If the target repository doesn't need them, comment them diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml index c2b4403e33..e0ceea608a 100644 --- a/kubernetes/onap/resources/environments/dev.yaml +++ b/kubernetes/onap/resources/environments/dev.yaml @@ -32,7 +32,7 @@ global: #repository: nexus3.onap.org:10001 # readiness check - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:6.0.2 # logging agent - temporary repo until images migrated to nexus3 loggingRepository: docker.elastic.co diff --git a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml index a51106f92b..0a4a2f856b 100644 --- a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml +++ b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml @@ -35,7 +35,7 @@ global: password: docker # readiness check - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:6.0.2 # logging agent - temporary repo until images migrated to nexus3 loggingRepository: docker.elastic.co diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index a4bf64b653..f850936b97 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -103,7 +103,7 @@ global: postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 # readiness check image - readinessImage: onap/oom/readiness:5.0.1 + readinessImage: onap/oom/readiness:6.0.2 # image pull policy pullPolicy: Always diff --git a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml index b038b5264b..94416b4a7d 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml @@ -15,7 +15,7 @@ # Global global: nodePortPrefix: 302 - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:6.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 busyboxRepository: registry.hub.docker.com diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index 2c896ea77f..f6317b7af9 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -18,7 +18,7 @@ ################################################################# global: nodePortPrefix: 302 - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:6.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 sdc_cassandra: diff --git a/kubernetes/so/components/so-admin-cockpit/values.yaml b/kubernetes/so/components/so-admin-cockpit/values.yaml index c10b509734..2ec3d2ea4d 100644 --- a/kubernetes/so/components/so-admin-cockpit/values.yaml +++ b/kubernetes/so/components/so-admin-cockpit/values.yaml @@ -26,7 +26,7 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:6.0.2 envsubstImage: dibi/envsubst persistence: mountPath: /dockerdata-nfs diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml index 6fdfd75dde..39d5e084ca 100755 --- a/kubernetes/so/components/so-mariadb/values.yaml +++ b/kubernetes/so/components/so-mariadb/values.yaml @@ -22,7 +22,7 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 - readinessImage: onap/oom/readiness:5.0.1 + readinessImage: onap/oom/readiness:6.0.2 ubuntuInitRepository: docker.io mariadbGalera: # flag to enable the DB creation via mariadb-operator |