aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kubernetes/aai/components/aai-resources/resources/config/application.properties4
-rwxr-xr-xkubernetes/cds/components/cds-blueprints-processor/values.yaml2
-rw-r--r--kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml12
-rw-r--r--kubernetes/multicloud/components/multicloud-fcaps/templates/service.yaml4
-rw-r--r--kubernetes/multicloud/components/multicloud-fcaps/values.yaml9
-rw-r--r--kubernetes/multicloud/components/multicloud-k8s/resources/config/config.json13
-rw-r--r--kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml1
-rw-r--r--kubernetes/multicloud/components/multicloud-k8s/values.yaml4
-rw-r--r--kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml10
-rw-r--r--kubernetes/multicloud/components/multicloud-pike/values.yaml7
-rw-r--r--kubernetes/multicloud/components/multicloud-prometheus/values.yaml2
-rw-r--r--kubernetes/multicloud/components/multicloud-starlingx/resources/config/log/config.json11
-rw-r--r--kubernetes/multicloud/components/multicloud-starlingx/templates/deployment.yaml12
-rw-r--r--kubernetes/multicloud/components/multicloud-starlingx/templates/service.yaml4
-rw-r--r--kubernetes/multicloud/components/multicloud-starlingx/values.yaml7
-rw-r--r--kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml10
-rw-r--r--kubernetes/multicloud/components/multicloud-vio/values.yaml10
-rw-r--r--kubernetes/multicloud/components/multicloud-windriver/resources/config/log/config.json11
-rw-r--r--kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml12
-rw-r--r--kubernetes/multicloud/components/multicloud-windriver/templates/service.yaml6
-rw-r--r--kubernetes/multicloud/components/multicloud-windriver/values.yaml7
-rw-r--r--kubernetes/multicloud/templates/deployment.yaml12
-rw-r--r--kubernetes/multicloud/templates/service.yaml8
-rw-r--r--kubernetes/multicloud/values.yaml13
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml5
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/values.yaml33
-rwxr-xr-xkubernetes/policy/components/policy-api/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml30
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml35
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml35
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-be/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml36
-rw-r--r--kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-distribution/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-gui/values.yaml2
-rw-r--r--kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml20
-rwxr-xr-xkubernetes/policy/components/policy-pap/values.yaml5
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/values.yaml2
-rw-r--r--kubernetes/policy/templates/policy-kafka-user.yaml17
-rwxr-xr-xkubernetes/policy/values.yaml1
-rw-r--r--kubernetes/sdc/components/sdc-be/values.yaml4
-rw-r--r--kubernetes/sdc/components/sdc-cs/values.yaml4
-rw-r--r--kubernetes/sdc/components/sdc-fe/values.yaml2
-rw-r--r--kubernetes/sdc/components/sdc-onboarding-be/values.yaml4
48 files changed, 313 insertions, 129 deletions
diff --git a/kubernetes/aai/components/aai-resources/resources/config/application.properties b/kubernetes/aai/components/aai-resources/resources/config/application.properties
index 78a07f2a0f..7258b7bef8 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/application.properties
+++ b/kubernetes/aai/components/aai-resources/resources/config/application.properties
@@ -104,3 +104,7 @@ schema.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Value
schema.service.ssl.key-store-password=${KEYSTORE_PASSWORD}
schema.service.ssl.trust-store-password=${TRUSTSTORE_PASSWORD}
{{ end }}
+
+#to expose the Prometheus scraping endpoint
+management.metrics.distribution.percentiles-histogram[http.server.requests]=true
+management.metrics.distribution.sla[http.server.requests]=20ms, 30ms, 40ms, 50ms, 60ms, 70ms, 80ms, 90ms, 100ms, 500ms, 1000ms, 5000ms, 7000ms \ No newline at end of file
diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
index 023bf4917b..49e0ec6758 100755
--- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
@@ -108,7 +108,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/ccsdk-blueprintsprocessor:1.3.0
+image: onap/ccsdk-blueprintsprocessor:1.3.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml
index f71255bc5f..2750f5f145 100644
--- a/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml
+++ b/kubernetes/multicloud/components/multicloud-fcaps/templates/deployment.yaml
@@ -41,15 +41,15 @@ spec:
containers:
- env:
- name: MSB_PROTO
- value: {{ .Values.config.msbprotocol }}
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}"
- name: MSB_ADDR
value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
- name: MSB_PORT
- value: "{{ .Values.config.msbPort }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}"
- name: AAI_ADDR
- value: aai.{{ include "common.namespace" . }}
+ value: "aai.{{ include "common.namespace" . }}"
- name: AAI_PORT
- value: "{{ .Values.config.aai.port }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}"
- name: AAI_SCHEMA_VERSION
value: "{{ .Values.config.aai.schemaVersion }}"
- name: AAI_USERNAME
@@ -57,7 +57,7 @@ spec:
- name: AAI_PASSWORD
value: "{{ .Values.config.aai.password }}"
- name: SSL_ENABLED
- value: "{{ .Values.config.ssl_enabled }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}"
name: {{ include "common.name" . }}
volumeMounts:
- mountPath: "{{ .Values.log.path }}"
@@ -78,7 +78,7 @@ spec:
httpGet:
path: /api/multicloud-fcaps/v1/healthcheck
port: {{ .Values.service.internalPort }}
- scheme: HTTPS
+ scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
diff --git a/kubernetes/multicloud/components/multicloud-fcaps/templates/service.yaml b/kubernetes/multicloud/components/multicloud-fcaps/templates/service.yaml
index fabe32e0ff..e73a942172 100644
--- a/kubernetes/multicloud/components/multicloud-fcaps/templates/service.yaml
+++ b/kubernetes/multicloud/components/multicloud-fcaps/templates/service.yaml
@@ -32,7 +32,7 @@ metadata:
"url": "/api/multicloud-fcaps/v0",
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
- "enable_ssl": {{ .Values.config.ssl_enabled }},
+ "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }},
"visualRange": "1"
},
{
@@ -41,7 +41,7 @@ metadata:
"url": "/api/multicloud-fcaps/v1",
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
- "enable_ssl": {{ .Values.config.ssl_enabled }},
+ "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }},
"visualRange": "1"
}
]'
diff --git a/kubernetes/multicloud/components/multicloud-fcaps/values.yaml b/kubernetes/multicloud/components/multicloud-fcaps/values.yaml
index 21be9d38cb..b9e90af1ef 100644
--- a/kubernetes/multicloud/components/multicloud-fcaps/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-fcaps/values.yaml
@@ -26,16 +26,17 @@ image: onap/multicloud/openstack-fcaps:1.5.7
pullPolicy: Always
#Istio sidecar injection policy
-istioSidecar: false
+istioSidecar: true
# application configuration
config:
ssl_enabled: true
- msbprotocol: https
msbgateway: msb-iag
msbPort: 443
+ msbPlainPort: 80
aai:
- port: 8443
+ aaiPort: 8443
+ aaiPlainPort: 8080
schemaVersion: v13
username: AAI
password: AAI
@@ -59,7 +60,7 @@ liveness:
service:
type: ClusterIP
name: multicloud-fcaps
- portName: multicloud-fcaps
+ portName: http
externalPort: 9011
internalPort: 9011
nodePort: 87
diff --git a/kubernetes/multicloud/components/multicloud-k8s/resources/config/config.json b/kubernetes/multicloud/components/multicloud-k8s/resources/config/config.json
index 2ce2d8564b..cf818798d4 100644
--- a/kubernetes/multicloud/components/multicloud-k8s/resources/config/config.json
+++ b/kubernetes/multicloud/components/multicloud-k8s/resources/config/config.json
@@ -5,7 +5,7 @@
"port":9014,
"userName":"healthcheck",
"password":"zb!XztG34",
- "https":true
+ "https":{{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
},
"receptionHandlerParameters":{
"SDCReceptionHandler":{
@@ -27,7 +27,7 @@
"sdcConfiguration":{
"parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup",
"parameters":{
- "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:8443",
+ "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }}",
"messageBusAddress": [
"message-router.{{ include "common.namespace" . }}"
],
@@ -54,7 +54,12 @@
"keystorePassword": "null",
"activeserverTlsAuth": false,
"isFilterinEmptyResources": true,
- "isUseHttpsWithDmaap": false
+ "isUseHttpsWithDmaap": false,
+ "isUseHttpsWithSDC": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }},
+ "httpsproxyHost": "null",
+ "httpproxyHost": "null",
+ "httpsproxyPort": 8181,
+ "httpproxyPort": 8080
}
}
},
@@ -62,7 +67,7 @@
"k8sConfiguration":{
"parameterClassName":"org.onap.policy.distribution.forwarding.k8s.K8sArtifactForwarderParameterGroup",
"parameters":{
- "useHttps": true,
+ "useHttps": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }},
"hostname": "pdp",
"port": 8081,
"userName": "testpdp",
diff --git a/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml
index e63be9c81c..c9912ffd17 100644
--- a/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml
+++ b/kubernetes/multicloud/components/multicloud-k8s/templates/deployment.yaml
@@ -73,6 +73,7 @@ spec:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.artifactImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: framework-artifactbroker
command: ["/opt/app/distribution/bin/artifact-dist.sh"]
args: ["/opt/app/distribution/etc/mounted/config.json"]
diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml
index b152af282e..36cb701a9b 100644
--- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml
@@ -18,7 +18,7 @@
global:
nodePortPrefixExt: 304
persistence: {}
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.3
+ artifactImage: onap/multicloud/framework-artifactbroker:1.8.1
#################################################################
# Application configuration defaults.
@@ -54,7 +54,7 @@ readiness:
service:
type: ClusterIP
name: multicloud-k8s
- portName: multicloud-k8s
+ portName: http
internalPort: 9015
externalPort: 9015
nodePort: 98
diff --git a/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml
index a802cb1466..3174dae242 100644
--- a/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml
+++ b/kubernetes/multicloud/components/multicloud-pike/templates/deployment.yaml
@@ -41,15 +41,15 @@ spec:
containers:
- env:
- name: MSB_PROTO
- value: {{ .Values.config.msbprotocol }}
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}"
- name: MSB_ADDR
value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
- name: MSB_PORT
- value: "{{ .Values.config.msbPort }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}"
- name: AAI_ADDR
- value: aai.{{ include "common.namespace" . }}
+ value: "aai.{{ include "common.namespace" . }}"
- name: AAI_PORT
- value: "{{ .Values.config.aai.port }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}"
- name: AAI_SCHEMA_VERSION
value: "{{ .Values.config.aai.schemaVersion }}"
- name: AAI_USERNAME
@@ -57,7 +57,7 @@ spec:
- name: AAI_PASSWORD
value: "{{ .Values.config.aai.password }}"
- name: SSL_ENABLED
- value: "{{ .Values.config.ssl_enabled }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}"
name: {{ include "common.name" . }}
volumeMounts:
- mountPath: "{{ .Values.log.path }}"
diff --git a/kubernetes/multicloud/components/multicloud-pike/values.yaml b/kubernetes/multicloud/components/multicloud-pike/values.yaml
index 7b606a5492..4ed7a64ecb 100644
--- a/kubernetes/multicloud/components/multicloud-pike/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-pike/values.yaml
@@ -31,11 +31,12 @@ istioSidecar: true
# application configuration
config:
ssl_enabled: false
- msbprotocol: https
msbgateway: msb-iag
msbPort: 443
+ msbPlainPort: 80
aai:
- port: 8443
+ aaiPort: 8443
+ aaiPlainPort: 8080
schemaVersion: v13
username: AAI
password: AAI
@@ -59,7 +60,7 @@ liveness:
service:
type: ClusterIP
name: multicloud-pike
- portName: multicloud-pike
+ portName: http
externalPort: 9007
internalPort: 9007
nodePort: 96
diff --git a/kubernetes/multicloud/components/multicloud-prometheus/values.yaml b/kubernetes/multicloud/components/multicloud-prometheus/values.yaml
index 757041ce43..78373c88f2 100644
--- a/kubernetes/multicloud/components/multicloud-prometheus/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-prometheus/values.yaml
@@ -53,7 +53,7 @@ persistence:
service:
type: ClusterIP
name: multicloud-prometheus
- portName: multicloud-prometheus
+ portName: http
internalPort: 9090
externalPort: 9090
diff --git a/kubernetes/multicloud/components/multicloud-starlingx/resources/config/log/config.json b/kubernetes/multicloud/components/multicloud-starlingx/resources/config/log/config.json
index da0727c3a7..ebc53849d6 100644
--- a/kubernetes/multicloud/components/multicloud-starlingx/resources/config/log/config.json
+++ b/kubernetes/multicloud/components/multicloud-starlingx/resources/config/log/config.json
@@ -5,7 +5,7 @@
"port":9014,
"userName":"healthcheck",
"password":"zb!XztG34",
- "https":true
+ "https":{{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
},
"receptionHandlerParameters":{
"SDCReceptionHandler":{
@@ -27,7 +27,7 @@
"sdcConfiguration":{
"parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup",
"parameters":{
- "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:8443",
+ "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }}",
"messageBusAddress": [
"message-router.{{ include "common.namespace" . }}"
],
@@ -53,7 +53,12 @@
"keystorePassword": "null",
"activeserverTlsAuth": false,
"isFilterinEmptyResources": true,
- "isUseHttpsWithDmaap": false
+ "isUseHttpsWithDmaap": false,
+ "isUseHttpsWithSDC": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }},
+ "httpsproxyHost": "null",
+ "httpproxyHost": "null",
+ "httpsproxyPort": 8181,
+ "httpproxyPort": 8080
}
}
},
diff --git a/kubernetes/multicloud/components/multicloud-starlingx/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-starlingx/templates/deployment.yaml
index 2524cd8421..7f178063b5 100644
--- a/kubernetes/multicloud/components/multicloud-starlingx/templates/deployment.yaml
+++ b/kubernetes/multicloud/components/multicloud-starlingx/templates/deployment.yaml
@@ -41,15 +41,15 @@ spec:
containers:
- env:
- name: MSB_PROTO
- value: {{ .Values.config.msbprotocol }}
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}"
- name: MSB_ADDR
value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
- name: MSB_PORT
- value: "{{ .Values.config.msbPort }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}"
- name: AAI_ADDR
- value: aai.{{ include "common.namespace" . }}
+ value: "aai.{{ include "common.namespace" . }}"
- name: AAI_PORT
- value: "{{ .Values.config.aai.port }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}"
- name: AAI_SCHEMA_VERSION
value: "{{ .Values.config.aai.schemaVersion }}"
- name: AAI_USERNAME
@@ -57,7 +57,7 @@ spec:
- name: AAI_PASSWORD
value: "{{ .Values.config.aai.password }}"
- name: SSL_ENABLED
- value: "{{ .Values.config.ssl_enabled }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}"
name: {{ include "common.name" . }}
volumeMounts:
- mountPath: "{{ .Values.log.path }}"
@@ -79,7 +79,7 @@ spec:
httpGet:
path: /api/multicloud-starlingx/v0/swagger.json
port: {{ .Values.service.internalPort }}
- scheme: HTTPS
+ scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
diff --git a/kubernetes/multicloud/components/multicloud-starlingx/templates/service.yaml b/kubernetes/multicloud/components/multicloud-starlingx/templates/service.yaml
index cf67f106ee..5c30c26296 100644
--- a/kubernetes/multicloud/components/multicloud-starlingx/templates/service.yaml
+++ b/kubernetes/multicloud/components/multicloud-starlingx/templates/service.yaml
@@ -32,7 +32,7 @@ metadata:
"url": "/api/multicloud-starlingx/v0",
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
- "enable_ssl": {{ .Values.config.ssl_enabled }},
+ "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }},
"visualRange": "1"
},
{
@@ -41,7 +41,7 @@ metadata:
"url": "/api/multicloud-starlingx/v1",
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
- "enable_ssl": {{ .Values.config.ssl_enabled }},
+ "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }},
"visualRange": "1"
}
]'
diff --git a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml
index e59f34a8bc..1232c3b79a 100644
--- a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml
@@ -17,7 +17,7 @@
#################################################################
global:
nodePortPrefixExt: 304
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.3
+ artifactImage: onap/multicloud/framework-artifactbroker:1.8.1
#################################################################
# Application configuration defaults.
@@ -33,11 +33,12 @@ istioSidecar: false
# application configuration
config:
ssl_enabled: true
- msbprotocol: https
msbgateway: msb-iag
msbPort: 443
+ msbPlainPort: 80
aai:
- port: 8443
+ aaiPort: 8443
+ aaiPlainPort: 8080
schemaVersion: v13
username: AAI
password: AAI
diff --git a/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml
index 1d27d6eb33..c5c368c8b5 100644
--- a/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml
+++ b/kubernetes/multicloud/components/multicloud-vio/templates/deployment.yaml
@@ -41,14 +41,16 @@ spec:
spec:
containers:
- env:
+ - name: MSB_PROTO
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}"
- name: MSB_ADDR
- value: "{{ .Values.config.msbgateway }}"
+ value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
- name: MSB_PORT
- value: "{{ .Values.config.msbPort }}.{{ include "common.namespace" . }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}"
- name: AAI_ADDR
- value: aai.{{ include "common.namespace" . }}
+ value: "aai.{{ include "common.namespace" . }}"
- name: AAI_PORT
- value: "{{ .Values.config.aai.port }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}"
- name: AAI_SCHEMA_VERSION
value: "{{ .Values.config.aai.schemaVersion }}"
- name: AAI_USERNAME
diff --git a/kubernetes/multicloud/components/multicloud-vio/values.yaml b/kubernetes/multicloud/components/multicloud-vio/values.yaml
index 17643baffe..3b852df885 100644
--- a/kubernetes/multicloud/components/multicloud-vio/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-vio/values.yaml
@@ -23,7 +23,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/multicloud/vio:1.4.1
+image: onap/multicloud/vio:1.4.2
pullPolicy: Always
#Istio sidecar injection policy
@@ -32,9 +32,11 @@ istioSidecar: true
# application configuration
config:
msbgateway: msb-iag
- msbPort: 80
+ msbPort: 443
+ msbPlainPort: 80
aai:
- port: 8443
+ aaiPort: 8443
+ aaiPlainPort: 8080
schemaVersion: v13
username: AAI
password: AAI
@@ -58,7 +60,7 @@ liveness:
service:
type: ClusterIP
name: multicloud-vio
- portName: multicloud-vio
+ portName: http
externalPort: 9004
internalPort: 9004
nodePort: 92
diff --git a/kubernetes/multicloud/components/multicloud-windriver/resources/config/log/config.json b/kubernetes/multicloud/components/multicloud-windriver/resources/config/log/config.json
index 655076a901..e34637666f 100644
--- a/kubernetes/multicloud/components/multicloud-windriver/resources/config/log/config.json
+++ b/kubernetes/multicloud/components/multicloud-windriver/resources/config/log/config.json
@@ -5,7 +5,7 @@
"port":9014,
"userName":"healthcheck",
"password":"zb!XztG34",
- "https":true
+ "https":{{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
},
"receptionHandlerParameters":{
"SDCReceptionHandler":{
@@ -27,7 +27,7 @@
"sdcConfiguration":{
"parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup",
"parameters":{
- "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:8443",
+ "asdcAddress": "sdc-be.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }}",
"messageBusAddress": [
"message-router.{{ include "common.namespace" . }}"
],
@@ -53,7 +53,12 @@
"keystorePassword": "null",
"activeserverTlsAuth": false,
"isFilterinEmptyResources": true,
- "isUseHttpsWithDmaap": false
+ "isUseHttpsWithDmaap": false,
+ "isUseHttpsWithSDC": {{ (eq "true" (include "common.needTLS" .)) | ternary true false }},
+ "httpsproxyHost": "null",
+ "httpproxyHost": "null",
+ "httpsproxyPort": 8181,
+ "httpproxyPort": 8080
}
}
},
diff --git a/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml b/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml
index 7656632737..8eadcf689d 100644
--- a/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml
+++ b/kubernetes/multicloud/components/multicloud-windriver/templates/deployment.yaml
@@ -50,15 +50,15 @@ spec:
containers:
- env:
- name: MSB_PROTO
- value: {{ .Values.config.msbprotocol }}
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}"
- name: MSB_ADDR
value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
- name: MSB_PORT
- value: "{{ .Values.config.msbPort }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}"
- name: AAI_ADDR
- value: aai.{{ include "common.namespace" . }}
+ value: "aai.{{ include "common.namespace" . }}"
- name: AAI_PORT
- value: "{{ .Values.config.aai.port }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}"
- name: AAI_SCHEMA_VERSION
value: "{{ .Values.config.aai.schemaVersion }}"
- name: AAI_USERNAME
@@ -66,7 +66,7 @@ spec:
- name: AAI_PASSWORD
value: "{{ .Values.config.aai.password }}"
- name: SSL_ENABLED
- value: "{{ .Values.config.ssl_enabled }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}"
name: {{ include "common.name" . }}
volumeMounts:
- mountPath: "{{ .Values.log.path }}"
@@ -88,7 +88,7 @@ spec:
httpGet:
path: /api/multicloud-titaniumcloud/v1/swagger.json
port: {{ .Values.service.internalPort }}
- scheme: HTTPS
+ scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
diff --git a/kubernetes/multicloud/components/multicloud-windriver/templates/service.yaml b/kubernetes/multicloud/components/multicloud-windriver/templates/service.yaml
index 5a555b3222..f71306740f 100644
--- a/kubernetes/multicloud/components/multicloud-windriver/templates/service.yaml
+++ b/kubernetes/multicloud/components/multicloud-windriver/templates/service.yaml
@@ -33,7 +33,7 @@ metadata:
"url": "/api/multicloud-titanium_cloud/v0",
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
- "enable_ssl": {{ .Values.config.ssl_enabled }},
+ "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }},
"visualRange": "1"
},
{
@@ -42,7 +42,7 @@ metadata:
"url": "/api/multicloud-titaniumcloud/v0",
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
- "enable_ssl": {{ .Values.config.ssl_enabled }},
+ "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }},
"visualRange": "1"
},
{
@@ -51,7 +51,7 @@ metadata:
"url": "/api/multicloud-titaniumcloud/v1",
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
- "enable_ssl": {{ .Values.config.ssl_enabled }},
+ "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }},
"visualRange": "1"
}
]'
diff --git a/kubernetes/multicloud/components/multicloud-windriver/values.yaml b/kubernetes/multicloud/components/multicloud-windriver/values.yaml
index 1a6527b4cb..33802937cd 100644
--- a/kubernetes/multicloud/components/multicloud-windriver/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-windriver/values.yaml
@@ -18,7 +18,7 @@
#################################################################
global:
nodePortPrefix: 302
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.3
+ artifactImage: onap/multicloud/framework-artifactbroker:1.8.1
persistence: {}
#################################################################
@@ -34,11 +34,12 @@ istioSidecar: true
# application configuration
config:
ssl_enabled: true
- msbprotocol: https
msbgateway: msb-iag
msbPort: 443
+ msbPlainPort: 80
aai:
- port: 8443
+ aaiPort: 8443
+ aaiPlainPort: 8080
schemaVersion: v13
username: AAI
password: AAI
diff --git a/kubernetes/multicloud/templates/deployment.yaml b/kubernetes/multicloud/templates/deployment.yaml
index 53716e5f44..ff9dac1898 100644
--- a/kubernetes/multicloud/templates/deployment.yaml
+++ b/kubernetes/multicloud/templates/deployment.yaml
@@ -40,15 +40,15 @@ spec:
containers:
- env:
- name: MSB_PROTO
- value: {{ .Values.config.msbprotocol }}
+ value: "{{ if (include "common.needTLS" .) }}https{{ else }}http{{ end }}"
- name: MSB_ADDR
- value: {{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}
+ value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
- name: MSB_PORT
- value: "{{ .Values.config.msbPort }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.msbPort }}{{ else }}{{ .Values.config.msbPlainPort }}{{ end }}"
- name: AAI_ADDR
value: "aai.{{ include "common.namespace" . }}"
- name: AAI_PORT
- value: "{{ .Values.config.aai.port }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.aai.aaiPort }}{{ else }}{{ .Values.config.aai.aaiPlainPort }}{{ end }}"
- name: AAI_SCHEMA_VERSION
value: "{{ .Values.config.aai.schemaVersion }}"
- name: AAI_USERNAME
@@ -56,7 +56,7 @@ spec:
- name: AAI_PASSWORD
value: "{{ .Values.config.aai.password }}"
- name: SSL_ENABLED
- value: "{{ .Values.config.ssl_enabled }}"
+ value: "{{- if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }}"
resources:
{{ include "common.resources" . | indent 12 }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
@@ -80,7 +80,7 @@ spec:
httpGet:
path: /api/multicloud/v0/swagger.json
port: {{ .Values.service.internalPort }}
- scheme: HTTPS
+ scheme: "{{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}"
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
diff --git a/kubernetes/multicloud/templates/service.yaml b/kubernetes/multicloud/templates/service.yaml
index 3f950db038..1c483b0d2d 100644
--- a/kubernetes/multicloud/templates/service.yaml
+++ b/kubernetes/multicloud/templates/service.yaml
@@ -18,7 +18,7 @@
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.name }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -33,7 +33,11 @@ metadata:
"url": "/api/multicloud/v0",
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
+ {{if (include "common.needTLS" .) -}}
"enable_ssl": {{ .Values.config.ssl_enabled }},
+ {{- else -}}
+ "enable_ssl": false,
+ {{- end}}
"visualRange": "1"
},
{
@@ -42,7 +46,7 @@ metadata:
"url": "/api/multicloud/v1",
"protocol": "REST",
"port": "{{ .Values.service.externalPort }}",
- "enable_ssl": {{ .Values.config.ssl_enabled }},
+ "enable_ssl": {{ if (include "common.needTLS" .) }}{{ .Values.config.ssl_enabled }}{{ else }}false{{ end }},
"visualRange": "1"
}
]'
diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml
index 977de08b6a..91dfa5cacb 100644
--- a/kubernetes/multicloud/values.yaml
+++ b/kubernetes/multicloud/values.yaml
@@ -18,7 +18,7 @@
#################################################################
global:
nodePortPrefix: 302
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.3
+ artifactImage: onap/multicloud/framework-artifactbroker:1.8.1
prometheus:
enabled: false
persistence: {}
@@ -28,7 +28,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/multicloud/framework:1.7.3
+image: onap/multicloud/framework:1.8.1
pullPolicy: Always
#Istio sidecar injection policy
@@ -57,13 +57,14 @@ multicloud-windriver:
# application configuration
config:
ssl_enabled: true
- msbprotocol: https
msbgateway: msb-iag
- msbPort: 443
logstashServiceName: log-ls
logstashPort: 5044
+ msbPort: 443
+ msbPlainPort: 80
aai:
- port: 8443
+ aaiPort: 8443
+ aaiPlainPort: 8080
schemaVersion: v13
username: AAI
password: AAI
@@ -87,7 +88,7 @@ liveness:
service:
type: ClusterIP
name: multicloud
- portName: multicloud-framework
+ portName: http
externalPort: 9001
internalPort: 9001
nodePort: 91
diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml
index 4d9ff9250e..71320dc3eb 100755
--- a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml
+++ b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml
@@ -2,6 +2,7 @@
# ============LICENSE_START=======================================================
# Copyright (C) 2018 Ericsson. All rights reserved.
# Modifications Copyright (C) 2020 AT&T Intellectual Property.
+# Modifications Copyright © 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -56,6 +57,10 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
- name: RESTSERVER_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }}
+{{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }}
+{{- end }}
volumeMounts:
- mountPath: /config-input
name: apexconfig-input
diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml
index db5251913e..f0fa193281 100755
--- a/kubernetes/policy/components/policy-apex-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml
@@ -1,6 +1,7 @@
# ============LICENSE_START=======================================================
# Copyright (C) 2018 Ericsson. All rights reserved.
# Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
+# Modifications Copyright © 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -44,12 +45,19 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
password: '{{ .Values.certStores.keyStorePassword }}'
passwordPolicy: required
+ - uid: policy-kafka-user
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
#################################################################
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-apex-pdp:2.7.3
+image: onap/policy-apex-pdp:2.8.0
pullPolicy: Always
# flag to enable debugging - application support required
@@ -160,3 +168,26 @@ metrics:
chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
release: '{{ include "common.release" . }}'
heritage: '{{ .Release.Service }}'
+
+# application configuration
+config:
+# Event consumption (kafka) properties
+ useStrimziKafka: true
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafka:
+ consumer:
+ groupId: policy-group
+ app:
+ listener:
+ policyPdpPapTopic: policy-pdp-pap
+# If targeting a custom kafka cluster, ie useStrimziKakfa: false
+# uncomment below config and target your kafka bootstrap servers,
+# along with any other security config.
+#
+# eventConsumption:
+# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
+# spring.kafka.security.protocol: PLAINTEXT
+# spring.kafka.consumer.group-id: policy-group
+#
+# Any new property can be added in the env by setting in overrides in the format mentioned below
+# All the added properties must be in "key: value" format instead of yaml.
diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml
index 0e3ada8956..45e54ed3aa 100755
--- a/kubernetes/policy/components/policy-api/values.yaml
+++ b/kubernetes/policy/components/policy-api/values.yaml
@@ -79,7 +79,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-api:2.6.3
+image: onap/policy-api:2.7.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml
index 406b59c545..bae5941854 100644
--- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml
@@ -23,18 +23,17 @@ spring:
password: ${RESTSERVER_PASSWORD}
{{- if .Values.config.useStrimziKafka }}
kafka:
+ consumer:
+ group-id: {{ .Values.config.kafka.consumer.groupId }}
bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
security.protocol: SASL_PLAINTEXT
properties.sasl:
mechanism: SCRAM-SHA-512
jaas.config: ${JAASLOGIN}
{{ else }}
-{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{ toYaml .Values.config.eventConsumption | nindent 2 }}
{{- end }}
-{{- if .Values.config.additional }}
-{{ toYaml .Values.config.additional | nindent 2 }}
-{{- end }}
security:
enable-csrf: false
@@ -62,6 +61,29 @@ participant:
- ${topicServer:message-router}
topicCommInfrastructure: dmaap
useHttps: true
+# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below
+# clampAutomationCompositionTopics:
+# topicSources:
+# - topic: policy-acruntime-participant
+# servers:
+# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+# topicCommInfrastructure: kafka
+# fetchTimeout: 15000
+# useHttps: true
+# additionalProps:
+# security.protocol: SASL_PLAINTEXT
+# sasl.mechanism: SCRAM-SHA-512
+# sasl.jaas.config: ${JAASLOGIN}
+# topicSinks:
+# - topic: policy-acruntime-participant
+# servers:
+# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+# topicCommInfrastructure: kafka
+# useHttps: true
+# additionalProps:
+# security.protocol: SASL_PLAINTEXT
+# sasl.mechanism: SCRAM-SHA-512
+# sasl.jaas.config: ${JAASLOGIN}
management:
endpoints:
diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml
index 5f8aa3b5a1..697ce6ea47 100644
--- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml
@@ -78,7 +78,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-http-ppnt:6.2.3
+image: onap/policy-clamp-ac-http-ppnt:6.3.0
pullPolicy: Always
# application configuration
diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
index 6c14fd2207..00451b9425 100644
--- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
@@ -21,20 +21,19 @@ spring:
user:
name: ${RESTSERVER_USER}
password: ${RESTSERVER_PASSWORD}
-{{- if .Values.config.useStrimziKafka }}
kafka:
+ consumer:
+ group-id: {{ .Values.config.kafka.consumer.groupId }}
+{{- if .Values.config.useStrimziKafka }}
bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
security.protocol: SASL_PLAINTEXT
properties.sasl:
mechanism: SCRAM-SHA-512
jaas.config: ${JAASLOGIN}
{{ else }}
-{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{ toYaml .Values.config.eventConsumption | nindent 2 }}
{{- end }}
-{{- if .Values.config.additional }}
-{{ toYaml .Values.config.additional | nindent 2 }}
-{{- end }}
security:
enable-csrf: false
@@ -67,6 +66,32 @@ participant:
topicCommInfrastructure: dmaap
useHttps: true
+# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below
+# clampAutomationCompositionTopics:
+# topicSources:
+# -
+# topic: policy-acruntime-participant
+# servers:
+# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+# topicCommInfrastructure: kafka
+# fetchTimeout: 15000
+# useHttps: true
+# additionalProps:
+# security.protocol: SASL_PLAINTEXT
+# sasl.mechanism: SCRAM-SHA-512
+# sasl.jaas.config: ${JAASLOGIN}
+# topicSinks:
+# -
+# topic: policy-acruntime-participant
+# servers:
+# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+# topicCommInfrastructure: kafka
+# useHttps: true
+# additionalProps:
+# security.protocol: SASL_PLAINTEXT
+# sasl.mechanism: SCRAM-SHA-512
+# sasl.jaas.config: ${JAASLOGIN}
+
management:
endpoints:
web:
diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
index 2cf8d2d723..b8f6b9f3c4 100644
--- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml
@@ -79,7 +79,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-k8s-ppnt:6.2.3
+image: onap/policy-clamp-ac-k8s-ppnt:6.3.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
index 856b16d91d..07d5eca377 100644
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
@@ -21,20 +21,19 @@ spring:
user:
name: ${RESTSERVER_USER}
password: ${RESTSERVER_PASSWORD}
-{{- if .Values.config.useStrimziKafka }}
kafka:
+ consumer:
+ group-id: {{ .Values.config.kafka.consumer.groupId }}
+{{- if .Values.config.useStrimziKafka }}
bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
security.protocol: SASL_PLAINTEXT
properties.sasl:
mechanism: SCRAM-SHA-512
jaas.config: ${JAASLOGIN}
{{ else }}
-{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{ toYaml .Values.config.eventConsumption | nindent 2 }}
{{- end }}
-{{- if .Values.config.additional }}
-{{ toYaml .Values.config.additional | nindent 2 }}
-{{- end }}
security:
enable-csrf: false
@@ -83,6 +82,32 @@ participant:
topicCommInfrastructure: dmaap
useHttps: true
+# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below
+# clampAutomationCompositionTopics:
+# topicSources:
+# -
+# topic: policy-acruntime-participant
+# servers:
+# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+# topicCommInfrastructure: kafka
+# fetchTimeout: 15000
+# useHttps: true
+# additionalProps:
+# security.protocol: SASL_PLAINTEXT
+# sasl.mechanism: SCRAM-SHA-512
+# sasl.jaas.config: ${JAASLOGIN}
+# topicSinks:
+# -
+# topic: policy-acruntime-participant
+# servers:
+# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+# topicCommInfrastructure: kafka
+# useHttps: true
+# additionalProps:
+# security.protocol: SASL_PLAINTEXT
+# sasl.mechanism: SCRAM-SHA-512
+# sasl.jaas.config: ${JAASLOGIN}
+
management:
endpoints:
web:
diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
index 6fefa02783..9d000f1018 100644
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
@@ -90,7 +90,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-pf-ppnt:6.2.3
+image: onap/policy-clamp-ac-pf-ppnt:6.3.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml
index c23657c421..3442cdd3be 100644
--- a/kubernetes/policy/components/policy-clamp-be/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/values.yaml
@@ -71,7 +71,7 @@ secrets:
flavor: small
# application image
-image: onap/policy-clamp-backend:6.2.3
+image: onap/policy-clamp-backend:6.3.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml
index 219be24079..4fb70fc337 100644
--- a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml
@@ -44,19 +44,17 @@ spring:
hibernate:
dialect: org.hibernate.dialect.MariaDB103Dialect
format_sql: true
-{{- if .Values.config.useStrimziKafka }}
kafka:
+ consumer:
+ group-id: {{ .Values.config.kafka.consumer.groupId }}
+{{- if .Values.config.useStrimziKafka }}
bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
security.protocol: SASL_PLAINTEXT
properties.sasl:
mechanism: SCRAM-SHA-512
jaas.config: ${JAASLOGIN}
{{ else }}
-{{ toYaml .Values.config.eventPublisher | nindent 2 }}
-{{- end }}
-
-{{- if .Values.config.additional }}
-{{ toYaml .Values.config.additional | nindent 2 }}
+{{ toYaml .Values.config.eventConsumption | nindent 2 }}
{{- end }}
security:
@@ -95,6 +93,32 @@ runtime:
topicCommInfrastructure: dmaap
useHttps: true
+# If Strimzi Kafka to be used for communication, replace clampAutomationCompositionTopics configuration with below
+# topicParameterGroup:
+# topicSources:
+# -
+# topic: policy-acruntime-participant
+# servers:
+# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+# topicCommInfrastructure: kafka
+# useHttps: true
+# fetchTimeout: 15000
+# additionalProps:
+# security.protocol: SASL_PLAINTEXT
+# sasl.mechanism: SCRAM-SHA-512
+# sasl.jaas.config: ${JAASLOGIN}
+# topicSinks:
+# -
+# topic: policy-acruntime-participant
+# servers:
+# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+# topicCommInfrastructure: kafka
+# useHttps: true
+# additionalProps:
+# security.protocol: SASL_PLAINTEXT
+# sasl.mechanism: SCRAM-SHA-512
+# sasl.jaas.config: ${JAASLOGIN}
+
management:
endpoints:
web:
diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml
index d224aa6bc4..87b613a3ef 100644
--- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml
@@ -85,7 +85,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-runtime-acm:6.2.3
+image: onap/policy-clamp-runtime-acm:6.3.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml
index d36f1c2275..fe1c720590 100755
--- a/kubernetes/policy/components/policy-distribution/values.yaml
+++ b/kubernetes/policy/components/policy-distribution/values.yaml
@@ -67,7 +67,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-distribution:2.7.3
+image: onap/policy-distribution:2.8.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml
index 74c743cb2b..d48d05fe44 100755
--- a/kubernetes/policy/components/policy-drools-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml
@@ -41,7 +41,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pdpd-cl:1.10.3
+image: onap/policy-pdpd-cl:1.11.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml
index 60a6ce38c4..c605b6b6ea 100644
--- a/kubernetes/policy/components/policy-gui/values.yaml
+++ b/kubernetes/policy/components/policy-gui/values.yaml
@@ -73,7 +73,7 @@ subChartsOnly:
flavor: small
# application image
-image: onap/policy-gui:2.2.3
+image: onap/policy-gui:2.3.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml
index 195b087ff1..7cb32d0079 100644
--- a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml
+++ b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml
@@ -1,5 +1,6 @@
# ============LICENSE_START=======================================================
# Copyright (C) 2022 Bell Canada. All rights reserved.
+# Modifications Copyright © 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -40,19 +41,17 @@ spring:
naming:
physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy
-{{- if .Values.config.useStrimziKafka }}
kafka:
+ consumer:
+ group-id: {{ .Values.config.kafka.consumer.groupId }}
+{{- if .Values.config.useStrimziKafka }}
bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
security.protocol: SASL_PLAINTEXT
properties.sasl:
mechanism: SCRAM-SHA-512
jaas.config: ${JAASLOGIN}
{{ else }}
-{{ toYaml .Values.config.eventPublisher | nindent 2 }}
-{{- end }}
-
-{{- if .Values.config.additional }}
-{{ toYaml .Values.config.additional | nindent 2 }}
+{{ toYaml .Values.config.eventConsumption | nindent 2 }}
{{- end }}
server:
@@ -99,6 +98,15 @@ pap:
- message-router
useHttps: true
topicCommInfrastructure: dmaap
+# If Strimzi Kafka to be used for communication, replace following configuration for topicSources and topicSinks
+# servers:
+# - {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+# topicCommInfrastructure: kafka
+# additionalProps:
+# security.protocol: SASL_PLAINTEXT
+# sasl.mechanism: SCRAM-SHA-512
+# sasl.jaas.config: ${JAASLOGIN}
+
healthCheckRestClientParameters:
- clientName: api
hostname: policy-api
diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml
index 2c240d2347..0dc6dbe4dc 100755
--- a/kubernetes/policy/components/policy-pap/values.yaml
+++ b/kubernetes/policy/components/policy-pap/values.yaml
@@ -2,6 +2,7 @@
# Copyright (C) 2019 Nordix Foundation.
# Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
# Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved.
+# Modifications Copyright © 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -99,7 +100,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pap:2.6.3
+image: onap/policy-pap:2.7.0
pullPolicy: Always
# flag to enable debugging - application support required
@@ -211,7 +212,7 @@ config:
kafkaBootstrap: strimzi-kafka-bootstrap
kafka:
consumer:
- groupId: poicy-group
+ groupId: policy-group
app:
listener:
policyPdpPapTopic: policy-pdp-pap
diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
index e7e7eebefe..3a44719727 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
@@ -83,7 +83,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-xacml-pdp:2.6.3
+image: onap/policy-xacml-pdp:2.7.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/templates/policy-kafka-user.yaml b/kubernetes/policy/templates/policy-kafka-user.yaml
index 1bc7ab1d3a..43edb64c83 100644
--- a/kubernetes/policy/templates/policy-kafka-user.yaml
+++ b/kubernetes/policy/templates/policy-kafka-user.yaml
@@ -1,5 +1,6 @@
{{/*
# Copyright © 2022 Nordix Foundation
+# Modifications Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -29,13 +30,21 @@ spec:
- resource:
type: group
name: {{ .Values.config.acRuntimeTopic.consumer.groupId }}
- operation: Read
+ operation: All
- resource:
type: topic
name: {{ .Values.config.acRuntimeTopic.name }}
- operation: Read
+ operation: All
- resource:
type: topic
- name: {{ .Values.config.acRuntimeTopic.name }}
- operation: Write
+ name: {{ .Values.config.policyPdpPapTopic.name }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.config.policyHeartbeatTopic.name }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.config.policyNotificationTopic.name }}
+ operation: All
{{- end }}
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index d7d556a39f..aa3fdb7bf2 100755
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -237,6 +237,7 @@ config:
segmentBytes: 1073741824
consumer:
groupId: policy-group
+ someConfig: blah
mariadb-galera:
# mariadb-galera.config and global.mariadb.config must be equals
diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
index 2da601b26c..d92bf49ec3 100644
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -35,8 +35,8 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-backend-all-plugins:1.11.6
-backendInitImage: onap/sdc-backend-init:1.11.6
+image: onap/sdc-backend-all-plugins:1.11.8
+backendInitImage: onap/sdc-backend-init:1.11.8
pullPolicy: Always
diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml
index d126aecbaf..86e2b7b8e1 100644
--- a/kubernetes/sdc/components/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -51,8 +51,8 @@ cassandra:
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.11.6
-cassandraInitImage: onap/sdc-cassandra-init:1.11.6
+image: onap/sdc-cassandra:1.11.8
+cassandraInitImage: onap/sdc-cassandra-init:1.11.8
pullPolicy: Always
config:
diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml
index 722f6130a5..04d96448d0 100644
--- a/kubernetes/sdc/components/sdc-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-fe/values.yaml
@@ -47,7 +47,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-frontend:1.11.6
+image: onap/sdc-frontend:1.11.8
pullPolicy: Always
config:
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
index 91363a83ed..9c68f57911 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
@@ -59,8 +59,8 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-onboard-backend:1.11.6
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.6
+image: onap/sdc-onboard-backend:1.11.8
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.8
pullPolicy: Always
# flag to enable debugging - application support required