diff options
55 files changed, 392 insertions, 89 deletions
diff --git a/docs/index.rst b/docs/index.rst index 340b43be67..c8048d142e 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -1,6 +1,7 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 .. Copyright 2018 Amdocs, Bell Canada +.. _master_index: OOM Documentation Repository diff --git a/docs/oom_cloud_setup_guide.rst b/docs/oom_cloud_setup_guide.rst index e3790f88db..9b3e53467c 100644 --- a/docs/oom_cloud_setup_guide.rst +++ b/docs/oom_cloud_setup_guide.rst @@ -2,6 +2,7 @@ .. International License. .. http://creativecommons.org/licenses/by/4.0 .. Copyright 2019 Amdocs, Bell Canada +.. _oom_cloud_setup_guide: .. Links .. _Microsoft Azure: https://wiki.onap.org/display/DW/Cloud+Native+Deployment#CloudNativeDeployment-MicrosoftAzure diff --git a/docs/oom_hardcoded_certificates.rst b/docs/oom_hardcoded_certificates.rst index 5aeee2e07f..b1de67bba8 100644 --- a/docs/oom_hardcoded_certificates.rst +++ b/docs/oom_hardcoded_certificates.rst @@ -24,6 +24,10 @@ Here's the list of these certificates: +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+ | AAI/MODEL-LOADER | Yes | Yes | No | aai/oom/components/aai-model-loaderresources/config/auth/tomcat_keystore | +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+ + | APPC | Yes | No | No | kubernetes/appc/resources/config/certs/org.onap.appc.keyfile | + +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+ + | APPC | Yes | No | No | kubernetes/appc/resources/config/certs/org.onap.appc.p12 | + +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+ | SDC | Yes | No? | No? | kubernetes/sdc/resources/cert | +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+ | SO | Yes | No? | Yes | kubernetes/so/resources/config/certificates | diff --git a/docs/oom_project_description.rst b/docs/oom_project_description.rst index 7903b709d8..b8c18dc93f 100644 --- a/docs/oom_project_description.rst +++ b/docs/oom_project_description.rst @@ -1,6 +1,7 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 .. Copyright 2018 Amdocs, Bell Canada +.. _oom_project_description: ONAP Operations Manager Project ############################### diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index 2607805015..565c43f467 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -2,7 +2,7 @@ .. Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 .. Copyright 2019 Amdocs, Bell Canada - +.. _oom_quickstart_guide: .. _quick-start-label: OOM Quick Start Guide @@ -23,6 +23,7 @@ available), follow the following instructions to deploy ONAP. where <BRANCH> can be an offical release tag, such as 4.0.0-ONAP for Dublin 5.0.1-ONAP for El Alto +6.0.0-ONAP for Frankfurt **Step 2.** Install Helm Plugins required to deploy ONAP:: @@ -53,6 +54,7 @@ with items like the OpenStack tenant information. d. Update the OpenStack parameters that will be used by robot, SO and APPC helm charts or use an override file to replace them. + e. Add in the command line a value for the global master password (global.masterPassword). @@ -77,7 +79,7 @@ openssl algorithm that works with the python based Robot Framework. c. Generating SO Encrypted Password: The SO Encrypted Password uses a java based encryption utility since the Java encryption library is not easy to integrate with openssl/python that -ROBOT uses in Dublin. +ROBOT uses in Dublin and upper versions. .. note:: To generate SO ``openStackEncryptedPasswordHere`` and ``openStackSoEncryptedPassword`` @@ -98,11 +100,12 @@ ROBOT uses in Dublin. d. Update the OpenStack parameters: -There are assumptions in the demonstration VNF heat templates about the networking -available in the environment. To get the most value out of these templates and the -automation that can help confirm the setup is correct, please observe the following +There are assumptions in the demonstration VNF heat templates about the networking +available in the environment. To get the most value out of these templates and the +automation that can help confirm the setup is correct, please observe the following constraints. + ``openStackPublicNetId:`` This network should allow heat templates to add interfaces. This need not be an external network, floating IPs can be assigned to the ports on @@ -124,7 +127,7 @@ constraints. setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix. -Example Keystone v2.0 +Example Keystone v2.0 .. literalinclude:: example-integration-override.yaml :language: yaml @@ -135,7 +138,6 @@ Example Keystone v3 (required for Rocky and later releases) :language: yaml - **Step 4.** To setup a local Helm server to server up the ONAP charts:: > helm serve & @@ -168,13 +170,23 @@ follows:: single command .. note:: - The ``--timeout 900`` is currently required in Dublin to address long running initialization tasks - for DMaaP and SO. Without this timeout value both applications may fail to deploy. + The ``--timeout 900`` is currently required in Dublin and up to address long + running initialization tasks for DMaaP and SO. Without this timeout value both + applications may fail to deploy. + +.. danger:: + We've added the master password on the command line. + You shouldn't put it in a file for safety reason + please don't forget to change the value to something random + + A space is also added in front of the command so "history" doesn't catch it. + This masterPassword is very sensitive, please be careful! + To deploy all ONAP applications use this command:: > cd oom/kubernetes - > helm deploy dev local/onap --namespace onap -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900 + > helm deploy dev local/onap --namespace onap --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900 All override files may be customized (or replaced by other overrides) as per needs. diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index 4cc1ab6d22..b0c5d6e49e 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -1,6 +1,7 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 .. Copyright 2018 Amdocs, Bell Canada +.. _oom_user_guide: .. Links .. _Curated applications for Kubernetes: https://github.com/kubernetes/charts diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 154c6ab1cd..899ad2c11b 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -3,6 +3,7 @@ .. http://creativecommons.org/licenses/by/4.0 .. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights .. reserved. +.. _release_notes: .. Links .. _release-notes-label: @@ -120,7 +121,7 @@ Summary * Automated rolling upgrades for applications * In-place schema and data migrations * Blue-Green deployment environment migration (e.g. Pre-prod to Prod) - * Upgrades from embedded database instance into shared database instance + * Upgrades from embedded database instance into shared database instance * Release-to-release upgrade support delivered for the following projects @@ -268,7 +269,7 @@ Story * [`OOM-52 <https://jira.onap.org/browse/OOM-52>`_] - OOM ONAP Configuration Management - Parameterization of docker images * [`OOM-53 <https://jira.onap.org/browse/OOM-53>`_] - OOM ONAP Configuration Management - Parameterization for Sizing * [`OOM-63 <https://jira.onap.org/browse/OOM-63>`_] - Kubernetes cluster created by TOSCA description -* [`OOM-85 <https://jira.onap.org/browse/OOM-85>`_] - Test the code in the “Lab” project environment +* [`OOM-85 <https://jira.onap.org/browse/OOM-85>`_] - Test the code in the "Lab" project environment * [`OOM-86 <https://jira.onap.org/browse/OOM-86>`_] - Monitoring the health status of ONAP components * [`OOM-87 <https://jira.onap.org/browse/OOM-87>`_] - Configure TOSCA description via dashboard * [`OOM-88 <https://jira.onap.org/browse/OOM-88>`_] - Deploy Holmes on K8S cluster by TOSCA description diff --git a/kubernetes/aai b/kubernetes/aai -Subproject 9b27009ab70a2d4fccd43247f7dbb887cb94429 +Subproject 0c4cd899d53538202c23030ab278984897aede9 diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl index 0c7660eb1f..98b8d676df 100644 --- a/kubernetes/common/common/templates/_service.tpl +++ b/kubernetes/common/common/templates/_service.tpl @@ -30,6 +30,37 @@ {{- default $name .Values.service.name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* + Resolve the prefix node port to use. We look at these different values in + order of priority (first found, first chosen) + - .Values.service.nodePortPrefixOverride: override value for nodePort which + will be use locally; + - .Values.global.nodePortPrefix : global value for nodePort which will + be used for all charts (unless + previous one is used); + - .Values.global.nodePortPrefixExt : global value for nodePort which will + be used for all charts (unless + previous one is used) if + useNodePortExt is set to true in + service or on port; + - .Values.service.nodePortPrefix : value used on a pert chart basis if + no other version exists. + + The function takes two arguments (inside a dictionary): + - .dot : environment (.) + - .useNodePortExt : does the port use the "extended" nodeport part or the + normal one? +*/}} +{{- define "common.nodePortPrefix" -}} +{{- $dot := default . .dot -}} +{{- $useNodePortExt := default false .useNodePortExt -}} +{{- if or $useNodePortExt $dot.Values.service.useNodePortExt -}} +{{ $dot.Values.service.nodePortPrefixOverride | default $dot.Values.global.nodePortPrefixExt | default $dot.Values.nodePortPrefix }} +{{- else -}} +{{ $dot.Values.service.nodePortPrefixOverride | default $dot.Values.global.nodePortPrefix | default $dot.Values.nodePortPrefix }} +{{- end -}} +{{- end -}} + {{/* Define the metadata of Service The function takes from one to four arguments (inside a dictionary): - .dot : environment (.) @@ -96,7 +127,7 @@ labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent name: {{ $port.name }} {{- end }} {{- if (eq $serviceType "NodePort") }} - nodePort: {{ $dot.Values.global.nodePortPrefix | default $dot.Values.nodePortPrefix }}{{ $port.nodePort }} + nodePort: {{ include "common.nodePortPrefix" (dict "dot" $dot "portNodePortExt" $port.useNodePortExt) }}{{ $port.nodePort }} {{- end }} {{- else }} - port: {{ default $port.port $port.plain_port }} diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index dabf21da79..6decff2463 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -58,7 +58,7 @@ pullPolicy: IfNotPresent # application configuration config: # .mariadbRootPasswordExternalSecret: 'some-external-secret' - mariadbRootPassword: secretpassword + # mariadbRootPassword: secretpassword # .userCredentialsExternalSecret: 'some-external-secret' userName: my-user # userPassword: my-password diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index 19b59722a2..a5bd69af02 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -109,7 +109,7 @@ mongo: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.12.4 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.12.5 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index d5da039ad1..37f79a4a73 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -72,7 +72,7 @@ readiness: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.0.2 +image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.0.3 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml index 3283239100..1b4195c733 100644 --- a/kubernetes/nbi/templates/deployment.yaml +++ b/kubernetes/nbi/templates/deployment.yaml @@ -57,10 +57,7 @@ spec: -Dserver.ssl.key-store-password=$cadi_keystore_password_p12 \ -Djavax.net.ssl.trustStoreType=jks\ -Djava.security.egd=file:/dev/./urandom -Dserver.port=8443" - {{- if eq "DEBUG" .Values.config.loglevel }} - export JAVA_DEBUG="-Djavax.net.debug=all" - {{- end }} - exec java -XX:+UseContainerSupport $JAVA_DEBUG $JAVA_OPTS -jar /opt/onap/app.jar + exec java -XX:+UseContainerSupport $JAVA_OPTS -jar /opt/onap/app.jar {{- end }} {{ if .Values.liveness.enabled }} livenessProbe: @@ -116,7 +113,7 @@ spec: value: {{ .Values.so_authorization }} {{- end }} - name: DMAAP_HOST - value: "http://message-router.{{ include "common.namespace" . }}:3904" + value: "https://message-router.{{ include "common.namespace" . }}:3905" - name: LOGGING_LEVEL_ORG_ONAP_NBI value: {{ .Values.config.loglevel }} - name: MSB_ENABLED diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index ceab7fad2a..dcf9573bc7 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -75,7 +75,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/externalapi/nbi:6.0.1 +image: onap/externalapi/nbi:6.0.2 pullPolicy: IfNotPresent sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== diff --git a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml index 545359efea..c9de7f98a8 100644 --- a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml +++ b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml @@ -114,7 +114,7 @@ msb: multicloud: enabled: false nbi: - enabled: false + enabled: true config: # openstack configuration openStackRegion: "Yolo" diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml index 782160b67b..ae859cfaa0 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml @@ -85,7 +85,7 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/bin/bash","-c"] - args: ["nginx && /usr/local/bin/uwsgi -s /run/conductor/uwsgi.sock --chmod-socket=777 --wsgi-file /etc/nginx/conductor.wsgi --callable application --set port=80 --die-on-term --exit-on-reload --logto /opt/conductor-uwsgi.log --pidfile /run/conductor/conductor-uwsgi.pid --enable-threads --workers 6 --master --vacuum --single-interpreter --socket-timeout 10 --max-worker-lifetime 300 --max-requests 100 --no-defer-accept --logfile-chown --logfile-chmod 664 --protocol=uwsgi --socket 0.0.0.0:80"] + args: ["nginx && /usr/local/bin/uwsgi -s /run/conductor/uwsgi.sock --chmod-socket=777 --wsgi-file /etc/nginx/conductor.wsgi --callable application --set port=80 --die-on-term --exit-on-reload --logto /var/log/conductor-uwsgi.log --pidfile /run/conductor/conductor-uwsgi.pid --enable-threads --workers 6 --master --vacuum --single-interpreter --socket-timeout 10 --max-worker-lifetime 300 --max-requests 100 --no-defer-accept --logfile-chown --logfile-chmod 664 --protocol=uwsgi --socket 0.0.0.0:80"] ports: - containerPort: {{ .Values.liveness.periodSeconds }} # disable liveness probe when breakpoints set in debugger diff --git a/kubernetes/oof/charts/oof-has/resources/config/log.conf b/kubernetes/oof/charts/oof-has/resources/config/log.conf index 0fb963e674..9e4e29a1ba 100755 --- a/kubernetes/oof/charts/oof-has/resources/config/log.conf +++ b/kubernetes/oof/charts/oof-has/resources/config/log.conf @@ -33,31 +33,31 @@ args=(sys.stdout,) class=handlers.TimedRotatingFileHandler level=NOTSET formatter=generic -args=('application.log','midnight', 1, 10) +args=('/var/log/application.log','midnight', 1, 10) [handler_audithand] class=handlers.TimedRotatingFileHandler level=INFO formatter=audit -args=('audit.log', 'midnight', 1, 10) +args=('/var/log/audit.log', 'midnight', 1, 10) [handler_metrichand] class=handlers.TimedRotatingFileHandler level=INFO formatter=metric -args=('metric.log','midnight', 1, 10) +args=('/var/log/metric.log','midnight', 1, 10) [handler_errhand] class=handlers.TimedRotatingFileHandler level=ERROR formatter=error -args=('error.log','midnight', 1, 10) +args=('/var/log/error.log','midnight', 1, 10) [handler_debughand] class=handlers.TimedRotatingFileHandler level=DEBUG formatter=generic -args=('debug.log','midnight', 1, 10) +args=('/var/log/debug.log','midnight', 1, 10) [formatters] keys=generic,audit,metric,error diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf index 7c58b3da54..1598a8ff3f 100644 --- a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf @@ -21,10 +21,10 @@ COMPONENT_X_MS_MB=1024 REST_PAP_URL=https://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/ REST_PDP_ID=https://{{ .Values.global.pdp.nameOverride }}:{{.Values.config.pdpPort}}/pdp/ -PDP_HTTP_USER_ID=testpdp -PDP_HTTP_PASSWORD=alpha123 -PDP_PAP_PDP_HTTP_USER_ID=testpap -PDP_PAP_PDP_HTTP_PASSWORD=alpha123 +PDP_HTTP_USER_ID=${PDP_HTTP_USER_ID} +PDP_HTTP_PASSWORD=${PDP_HTTP_PASSWORD} +PDP_PAP_PDP_HTTP_USER_ID=${PDP_PAP_PDP_HTTP_USER_ID} +PDP_PAP_PDP_HTTP_PASSWORD=${PDP_PAP_PDP_HTTP_PASSWORD} M2_HOME=/usr/share/java/maven-3 snapshotRepositoryID=policy-nexus-snapshots @@ -33,8 +33,8 @@ snapshotRepositoryURL=http://{{ .Values.global.nexus.nameOverride }}:{{.Values.c releaseRepositoryID=policy-nexus-releases releaseRepositoryName=Releases releaseRepositoryURL=http://{{ .Values.global.nexus.nameOverride }}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases -repositoryUsername=admin -repositoryPassword=admin123 +repositoryUsername=${REPOSITORY_USERNAME} +repositoryPassword=${REPOSITORY_PASSWORD} UEB_URL=message-router UEB_TOPIC=PDPD-CONFIGURATION UEB_API_KEY= diff --git a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml index 6ff76ddfd1..a636e9011f 100644 --- a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml +++ b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml @@ -33,6 +33,37 @@ spec: spec: initContainers: - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1 *.conf`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: JDBC_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} + - name: JDBC_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + - name: PDP_HTTP_USER_ID + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "login") | indent 10 }} + - name: PDP_HTTP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "password") | indent 10 }} + - name: PDP_PAP_PDP_HTTP_USER_ID + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "login") | indent 10 }} + - name: PDP_PAP_PDP_HTTP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "password") | indent 10 }} + - name: REPOSITORY_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nexus-creds" "key" "login") | indent 10 }} + - name: REPOSITORY_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nexus-creds" "key" "password") | indent 10 }} + volumeMounts: + volumeMounts: + - mountPath: /config-input + name: pe + - mountPath: /config + name: pe-processed + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config + - command: - /root/ready.py args: - --container-name @@ -59,6 +90,19 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - name: JDBC_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + - name: PDP_HTTP_USER_ID + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "login") | indent 10 }} + - name: PDP_HTTP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "password") | indent 10 }} + - name: PDP_PAP_PDP_HTTP_USER_ID + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "login") | indent 10 }} + - name: PDP_PAP_PDP_HTTP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "password") | indent 10 }} + - name: REPOSITORY_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nexus-creds" "key" "login") | indent 10 }} + - name: REPOSITORY_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nexus-creds" "key" "password") | indent 10 }} + volumeMounts: ports: - containerPort: {{ .Values.service.externalPort }} {{- if eq .Values.liveness.enabled true }} @@ -84,7 +128,7 @@ spec: name: pe-brmsgw subPath: brmsgw.conf - mountPath: /tmp/policy-install/config/base.conf - name: pe + name: pe-processed subPath: base.conf - mountPath: /tmp/policy-install/do-start.sh name: pe-scripts @@ -115,5 +159,8 @@ spec: configMap: name: {{ include "common.fullname" . }}-pe-configmap defaultMode: 0755 + - name: pe-processed + emptyDir: + medium: Memory imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml index 08afdeeac0..ee47b4a4c3 100644 --- a/kubernetes/policy/charts/brmsgw/values.yaml +++ b/kubernetes/policy/charts/brmsgw/values.yaml @@ -20,6 +20,7 @@ global: nodePortPrefix: 302 readinessRepository: oomk8s readinessImage: readiness-check:2.0.2 + envsubstImage: dibi/envsubst ################################################################# # Secrets metaconfig @@ -31,13 +32,31 @@ secrets: login: '{{ .Values.db.user }}' password: '{{ .Values.db.password }}' passwordPolicy: required + - uid: pdp-http-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.pdp.pdpCredsExternalSecret) . }}' + login: '{{ .Values.pdp.pdphttpuserid }}' + password: '{{ .Values.pdp.pdphttppassword }}' + passwordPolicy: required + - uid: pap-http-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.pap.papCredsExternalSecret) . }}' + login: '{{ .Values.pap.pdppappdphttpuserid }}' + password: '{{ .Values.pap.pdppappdphttppassword }}' + passwordPolicy: required + - uid: nexus-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.nexus.nexusCredsExternalSecret) . }}' + login: '{{ .Values.nexus.repositoryUsername }}' + password: '{{ .Values.nexus.repositoryPassword }}' + passwordPolicy: required ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.6.1 +image: onap/policy-pe:1.6.2 pullPolicy: Always # flag to enable debugging - application support required @@ -52,6 +71,15 @@ config: db: user: policy_user password: policy_user +pdp: + pdphttpuserid: testpdp + pdphttppassword: alpha123 +pap: + pdppappdphttpuserid: testpap + pdppappdphttppassword: alpha123 +nexus: + repositoryUsername: admin + repositoryPassword: admin123 # default number of instances replicaCount: 1 diff --git a/kubernetes/policy/charts/drools/resources/configmaps/feature-healthcheck.properties b/kubernetes/policy/charts/drools/resources/configmaps/feature-healthcheck.properties index 189248ffb3..52a1908378 100644 --- a/kubernetes/policy/charts/drools/resources/configmaps/feature-healthcheck.properties +++ b/kubernetes/policy/charts/drools/resources/configmaps/feature-healthcheck.properties @@ -30,7 +30,7 @@ http.server.services.HEALTHCHECK.https=true http.server.services.HEALTHCHECK.aaf=${envd:AAF:false} http.server.services.HEALTHCHECK.serialization.provider=org.onap.policy.common.gson.JacksonHandler,org.onap.policy.common.endpoints.http.server.YamlJacksonHandler -http.client.services=PAP +http.client.services=PAP,PDP http.client.services.PAP.host={{ .Values.global.pap.nameOverride }} http.client.services.PAP.port=9091 diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index 58ce2d0455..05f7c1b0a8 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -40,7 +40,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pdpd-cl:1.6.0 +image: onap/policy-pdpd-cl:1.6.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/pap/values.yaml b/kubernetes/policy/charts/pap/values.yaml index 7edb3ab871..ad7cf96306 100644 --- a/kubernetes/policy/charts/pap/values.yaml +++ b/kubernetes/policy/charts/pap/values.yaml @@ -40,7 +40,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pap:2.2.0 +image: onap/policy-pap:2.2.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml index 16d5fb5cec..e55f9d0987 100644 --- a/kubernetes/policy/charts/pdp/templates/statefulset.yaml +++ b/kubernetes/policy/charts/pdp/templates/statefulset.yaml @@ -37,6 +37,24 @@ spec: spec: initContainers: - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1 *.conf`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: JDBC_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} + - name: JDBC_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /config-input + name: pe + - mountPath: /config + name: pe-processed + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config + - command: - /root/ready.py args: - --container-name @@ -84,7 +102,7 @@ spec: name: localtime readOnly: true - mountPath: /tmp/policy-install/config/base.conf - name: pe + name: pe-processed subPath: base.conf - mountPath: /tmp/policy-install/config/pdp-tweaks.sh name: pe-pdp @@ -144,5 +162,8 @@ spec: configMap: name: {{ include "common.fullname" . }}-pe-configmap defaultMode: 0755 + - name: pe-processed + emptyDir: + medium: Memory imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml index 7b9c561a61..7b5f6f8ac9 100644 --- a/kubernetes/policy/charts/pdp/values.yaml +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -39,7 +39,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.6.1 +image: onap/policy-pe:1.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-apex-pdp/values.yaml b/kubernetes/policy/charts/policy-apex-pdp/values.yaml index b149c17c48..1fdc215ff7 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-apex-pdp:2.3.0 +image: onap/policy-apex-pdp:2.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-api/values.yaml b/kubernetes/policy/charts/policy-api/values.yaml index fd66b69e4e..2e31f6b2ef 100644 --- a/kubernetes/policy/charts/policy-api/values.yaml +++ b/kubernetes/policy/charts/policy-api/values.yaml @@ -40,7 +40,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-api:2.2.1 +image: onap/policy-api:2.2.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf index 93b02e76bc..810b090069 100644 --- a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf +++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf @@ -21,8 +21,9 @@ TRUSTSTORE_PASSWD=Pol1cy_0nap JDBC_DRIVER=org.mariadb.jdbc.Driver JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 -JDBC_USER={{ .Values.global.mariadb.config.userName }} -JDBC_PASSWORD={{ .Values.global.mariadb.config.userPassword }} + +JDBC_USER=${JDBC_USER} +JDBC_PASSWORD=${JDBC_PASSWORD} site_name=site_1 fp_monitor_interval=30 diff --git a/kubernetes/policy/charts/policy-distribution/values.yaml b/kubernetes/policy/charts/policy-distribution/values.yaml index 2d62d1b571..835bfc4656 100644 --- a/kubernetes/policy/charts/policy-distribution/values.yaml +++ b/kubernetes/policy/charts/policy-distribution/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-distribution:2.3.0 +image: onap/policy-distribution:2.3.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-xacml-pdp/values.yaml b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml index dc7266e9a1..a2c0aa0e63 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml @@ -38,7 +38,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-xacml-pdp:2.2.0 +image: onap/policy-xacml-pdp:2.2.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/templates/deployment.yaml b/kubernetes/policy/templates/deployment.yaml index 8a0db8a699..7f96888ec8 100644 --- a/kubernetes/policy/templates/deployment.yaml +++ b/kubernetes/policy/templates/deployment.yaml @@ -33,6 +33,24 @@ spec: spec: initContainers: - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1 *.conf`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: JDBC_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} + - name: JDBC_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /config-input + name: pe + - mountPath: /config + name: pe-processed + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config + - command: - /root/ready.py args: - --container-name @@ -100,7 +118,7 @@ spec: name: pe-pap subPath: console.conf - mountPath: /tmp/policy-install/config/base.conf - name: pe + name: pe-processed subPath: base.conf - mountPath: /tmp/policy-install/do-start.sh name: pe-scripts @@ -157,5 +175,8 @@ spec: configMap: name: {{ include "common.fullname" . }}-pe-configmap defaultMode: 0755 + - name: pe-processed + emptyDir: + medium: Memory imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml index 81904143fa..f6a1ace3dc 100644 --- a/kubernetes/policy/templates/job.yaml +++ b/kubernetes/policy/templates/job.yaml @@ -57,14 +57,11 @@ spec: - /dbcmd-config/db.sh env: - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-root-password + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 10 }} - name: MYSQL_HOST value: "{{ index .Values "mariadb-galera" "service" "name" }}" - name: MYSQL_USER - value: "{{ index .Values "mariadb-galera" "config" "userName" }}" + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - name: MYSQL_PORT value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" restartPolicy: Never diff --git a/kubernetes/policy/templates/secrets.yaml b/kubernetes/policy/templates/secrets.yaml index 6b8bc41033..c1f98ba3cc 100644 --- a/kubernetes/policy/templates/secrets.yaml +++ b/kubernetes/policy/templates/secrets.yaml @@ -13,17 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-secret - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -type: Opaque -data: - db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }} - db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} +{{ include "common.secretFast" . }} diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 1ac00c760a..3a2b1f1f96 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -22,6 +22,7 @@ global: readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + envsubstImage: dibi/envsubst ubuntuImage: ubuntu:16.04 pdp: nameOverride: pdp @@ -37,9 +38,6 @@ global: # '&mariadbConfig' means we "store" the values for later use in the file # with '*mariadbConfig' pointer. config: &mariadbConfig - userName: policy_user - userPassword: policy_user - mariadbRootPassword: secret mysqlDatabase: policyadmin service: &mariadbService name: policy-mariadb @@ -47,25 +45,55 @@ global: internalPort: 3306 ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-root-password + name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password' + type: password + externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "config" "mariadbRootPasswordExternalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "config" "mariadbRootPasswordExternalSecret"))}}' + password: '{{ (index .Values "mariadb-galera" "config" "mariadbRootPassword") }}' + policy: generate + - uid: db-secret + name: &dbSecretName '{{ include "common.release" . }}-policy-db-secret' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret")) .) (hasSuffix "policy-db-secret" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret"))}}' + login: '{{ index .Values "mariadb-galera" "config" "userName" }}' + password: '{{ index .Values "mariadb-galera" "config" "userPassword" }}' + passwordPolicy: generate + +################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.6.1 +image: onap/policy-pe:1.6.2 mariadb_image: library/mariadb:10 pullPolicy: Always subChartsOnly: enabled: true +db: &dbSecretsHook + credsExternalSecret: *dbSecretName + pap: nameOverride: pap + db: *dbSecretsHook pdp: nameOverride: pdp + db: *dbSecretsHook drools: nameOverride: drools -brmwgw: + db: *dbSecretsHook +brmsgw: nameOverride: brmsgw + db: *dbSecretsHook +policy-api: + db: *dbSecretsHook +policy-xacml-pdp: + db: *dbSecretsHook + nexus: nameOverride: nexus @@ -112,7 +140,11 @@ ingress: mariadb-galera: # mariadb-galera.config and global.mariadb.config must be equals - config: *mariadbConfig + config: + <<: *mariadbConfig + userName: policy_user + mariadbRootPasswordExternalSecret: *dbRootPassSecretName + userCredentialsExternalSecret: *dbSecretName nameOverride: policy-mariadb # mariadb-galera.service and global.mariadb.service must be equals service: *mariadbService diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index 433352cf2e..24388277f4 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -24,6 +24,7 @@ global: loggingImage: beats/filebeat:5.5.0 #AAF service aafEnabled: true + aafAgentImage: onap/aaf/aaf_agent:2.1.20 ################################################################# # Application configuration defaults. @@ -31,7 +32,7 @@ global: # application image repository: nexus3.onap.org:10001 -image: onap/portal-app:2.6.0 +image: onap/portal-app:3.2.0 pullPolicy: Always #AAF local config diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml index e6aab2a2e3..26afa60616 100644 --- a/kubernetes/portal/charts/portal-mariadb/values.yaml +++ b/kubernetes/portal/charts/portal-mariadb/values.yaml @@ -24,7 +24,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/portal-db:2.6.0 +image: onap/portal-db:3.2.0 pullPolicy: Always readinessImage: readiness-check:2.0.0 diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml index 77ceb274d2..45af55fe1d 100644 --- a/kubernetes/portal/charts/portal-sdk/values.yaml +++ b/kubernetes/portal/charts/portal-sdk/values.yaml @@ -25,6 +25,7 @@ global: persistence: {} #AAF service aafEnabled: true + aafAgentImage: onap/aaf/aaf_agent:2.1.20 ################################################################# # Application configuration defaults. @@ -32,7 +33,7 @@ global: # application image repository: nexus3.onap.org:10001 -image: onap/portal-sdk:2.6.0 +image: onap/portal-sdk:3.2.0 pullPolicy: Always #AAF local config diff --git a/kubernetes/portal/charts/portal-widget/values.yaml b/kubernetes/portal/charts/portal-widget/values.yaml index 7a02509737..3d63cd8301 100644 --- a/kubernetes/portal/charts/portal-widget/values.yaml +++ b/kubernetes/portal/charts/portal-widget/values.yaml @@ -29,7 +29,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/portal-wms:2.6.0 +image: onap/portal-wms:3.2.0 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/robot b/kubernetes/robot -Subproject 7f37c3cd610edd911a8b68e2118212d9ec8149d +Subproject 431689c7879a92be54477f13f8e39908db5f07f diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/aai.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/aai.properties index f9640a95db..6a4ca4ca16 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/resources/config/aai.properties +++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/aai.properties @@ -32,4 +32,4 @@ sessionstickinessrequired=NO DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt sdnc.odl.user=${ODL_USER} sdnc.odl.password=${ODL_PASSWORD} -sdnc.odl.url-base=http://sdnc.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations
\ No newline at end of file +sdnc.odl.url-base=http://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations
\ No newline at end of file diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dhcpalert.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dhcpalert.properties index 96f40790c6..d2b55fb131 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dhcpalert.properties +++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dhcpalert.properties @@ -32,4 +32,4 @@ sessionstickinessrequired=NO DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt sdnc.odl.user=${ODL_USER} sdnc.odl.password=${ODL_PASSWORD} -sdnc.odl.url-base=http://sdnc.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations +sdnc.odl.url-base=http://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-CMNotify.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-CMNotify.properties new file mode 100644 index 0000000000..eff236a962 --- /dev/null +++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-CMNotify.properties @@ -0,0 +1,35 @@ +TransportType=HTTPNOAUTH +Latitude =50.000000 +Longitude =-100.000000 +Version =1.0 +ServiceName=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}} +Environment =TEST +Partner = +routeOffer=MR1 +SubContextPath =/ +Protocol =http +MethodType =GET +username =UNUSED +password =UNUSED +contenttype =application/json +authKey=UNUSED +authDate=UNUSED +host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}} +topic=CM-NOTIFICATION +group=users +id=sdnc1 +timeout=15000 +limit=1000 +filter= +AFT_DME2_EXCHANGE_REQUEST_HANDLERS=com.att.nsa.test.PreferredRouteRequestHandler +AFT_DME2_EXCHANGE_REPLY_HANDLERS=com.att.nsa.test.PreferredRouteReplyHandler +AFT_DME2_REQ_TRACE_ON=true +AFT_ENVIRONMENT=AFTUAT +AFT_DME2_EP_CONN_TIMEOUT=15000 +AFT_DME2_ROUNDTRIP_TIMEOUT_MS=240000 +AFT_DME2_EP_READ_TIMEOUT_MS=50000 +sessionstickinessrequired=NO +DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt +sdnc.odl.user=${ODL_USER} +sdnc.odl.password=${ODL_PASSWORD} +sdnc.odl.url-base=https://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-a1Adapter-policy.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-a1Adapter-policy.properties new file mode 100644 index 0000000000..944b63f4c2 --- /dev/null +++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-a1Adapter-policy.properties @@ -0,0 +1,35 @@ +TransportType=HTTPNOAUTH +Latitude =50.000000 +Longitude =-100.000000 +Version =1.0 +ServiceName=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}} +Environment =TEST +Partner = +routeOffer=MR1 +SubContextPath =/ +Protocol =http +MethodType =GET +username =UNUSED +password =UNUSED +contenttype =application/json +authKey=UNUSED +authDate=UNUSED +host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}} +topic=A1-P +group=users +id=sdnc1 +timeout=15000 +limit=1000 +filter= +AFT_DME2_EXCHANGE_REQUEST_HANDLERS=com.att.nsa.test.PreferredRouteRequestHandler +AFT_DME2_EXCHANGE_REPLY_HANDLERS=com.att.nsa.test.PreferredRouteReplyHandler +AFT_DME2_REQ_TRACE_ON=true +AFT_ENVIRONMENT=AFTUAT +AFT_DME2_EP_CONN_TIMEOUT=15000 +AFT_DME2_ROUNDTRIP_TIMEOUT_MS=240000 +AFT_DME2_EP_READ_TIMEOUT_MS=50000 +sessionstickinessrequired=NO +DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt +sdnc.odl.user=${ODL_USER} +sdnc.odl.password=${ODL_PASSWORD} +sdnc.odl.url-base=https://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-oofpcipoc.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-oofpcipoc.properties new file mode 100644 index 0000000000..b670d436c0 --- /dev/null +++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-oofpcipoc.properties @@ -0,0 +1,35 @@ +TransportType=HTTPNOAUTH +Latitude =50.000000 +Longitude =-100.000000 +Version =1.0 +ServiceName=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}} +Environment =TEST +Partner = +routeOffer=MR1 +SubContextPath =/ +Protocol =http +MethodType =GET +username =UNUSED +password =UNUSED +contenttype =application/json +authKey=UNUSED +authDate=UNUSED +host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}} +topic=SDNR-CL +group=users +id=sdnc1 +timeout=15000 +limit=1000 +filter= +AFT_DME2_EXCHANGE_REQUEST_HANDLERS=com.att.nsa.test.PreferredRouteRequestHandler +AFT_DME2_EXCHANGE_REPLY_HANDLERS=com.att.nsa.test.PreferredRouteReplyHandler +AFT_DME2_REQ_TRACE_ON=true +AFT_ENVIRONMENT=AFTUAT +AFT_DME2_EP_CONN_TIMEOUT=15000 +AFT_DME2_ROUNDTRIP_TIMEOUT_MS=240000 +AFT_DME2_EP_READ_TIMEOUT_MS=50000 +sessionstickinessrequired=NO +DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt +sdnc.odl.user=$(ODL_USER} +sdnc.odl.password=${ODL_PASSWORD} +sdnc.odl.url-base=https://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/lcm.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/lcm.properties index 0b52b3febb..15f32c4248 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/resources/config/lcm.properties +++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/lcm.properties @@ -32,4 +32,4 @@ sessionstickinessrequired=NO DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt sdnc.odl.user=${ODL_USER} sdnc.odl.password=${ODL_PASSWORD} -sdnc.odl.url-base=http://sdnc.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations
\ No newline at end of file +sdnc.odl.url-base=http://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations
\ No newline at end of file diff --git a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml index af78a12d09..e7f06ffda0 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml @@ -101,6 +101,15 @@ spec: - mountPath: {{ .Values.config.configDir }}/aai.properties name: properties subPath: aai.properties + - mountPath: {{ .Values.config.configDir }}/dmaap-consumer-CMNotify.properties + name: properties + subPath: dmaap-consumer-CMNotify.properties + - mountPath: {{ .Values.config.configDir }}/dmaap-consumer-a1Adapter-policy.properties + name: properties + subPath: dmaap-consumer-a1Adapter-policy.properties + - mountPath: {{ .Values.config.configDir }}/dmaap-consumer-oofpcipoc.properties + name: properties + subPath: dmaap-consumer-oofpcipoc.properties resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml index f5077cb53c..51f7afeeb5 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml @@ -56,7 +56,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-dmaap-listener-image:1.8.0 +image: onap/sdnc-dmaap-listener-image:1.8.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml index 621048a9d7..c08e53a84a 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml @@ -56,7 +56,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ansible-server-image:1.8.0 +image: onap/sdnc-ansible-server-image:1.8.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index faa9e6bde8..280a2af5e9 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -73,7 +73,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/admportal-sdnc-image:1.8.0 +image: onap/admportal-sdnc-image:1.8.1 config: dbFabricDB: mysql dbFabricUser: admin diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml index 1f6c9de627..a02a38531c 100644 --- a/kubernetes/sdnc/charts/ueb-listener/values.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml @@ -62,7 +62,7 @@ secrets: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ueb-listener-image:1.8.0 +image: onap/sdnc-ueb-listener-image:1.8.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 99ff4b7760..fda5617f78 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -118,7 +118,7 @@ secrets: # application images repository: nexus3.onap.org:10001 pullPolicy: Always -image: onap/sdnc-image:1.8.0 +image: onap/sdnc-image:1.8.1 # flag to enable debugging - application support required diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml index 117d270ab0..3ecf3f50b3 100755 --- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -96,6 +96,10 @@ ecomp: pollTimeout: 7500 pollInterval: 15 mso: + adapters: + requestDb: + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + auth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.db.auth )}} auth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.encrypted "value2" .Values.mso.auth )}} logPath: ./logs/openstack msb-ip: msb-iag.{{ include "common.namespace" . }} diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml index d7108a8fb0..8bc90fc79b 100644 --- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml +++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml @@ -29,7 +29,7 @@ global: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/gvnfmdriver:1.3.8 +image: onap/vfc/gvnfmdriver:1.3.9 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-nslcm/values.yaml b/kubernetes/vfc/charts/vfc-nslcm/values.yaml index 023ec59104..e36efee902 100644 --- a/kubernetes/vfc/charts/vfc-nslcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-nslcm/values.yaml @@ -39,7 +39,7 @@ secrets: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/nslcm:1.3.8 +image: onap/vfc/nslcm:1.3.9 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml index 76eebe5090..48176a70a5 100644 --- a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml +++ b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml @@ -39,7 +39,7 @@ secrets: flavor: small repository: nexus3.onap.org:10001 -image: onap/vfc/vnflcm:1.3.8 +image: onap/vfc/vnflcm:1.3.9 pullPolicy: Always #Istio sidecar injection policy |