diff options
14 files changed, 149 insertions, 22 deletions
diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index d630647883..1297809658 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -122,7 +122,7 @@ spec: - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} - name: POST_JAVA_OPTS - value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}' + value: '-Djavax.net.ssl.trustStore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}' - name: TRUSTORE_ALL_PASSWORD value: {{ .Values.certInitializer.truststorePassword }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index cc56bb4859..31b375be5c 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -129,6 +129,133 @@ mariadb-galera: disableNfsProvisioner: true serviceAccount: nameOverride: *appc-db + replicaCount: 1 + + mariadbConfiguration: |- + [client] + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + plugin_dir=/opt/bitnami/mariadb/plugin + + [mysqld] + lower_case_table_names = 1 + default_storage_engine=InnoDB + basedir=/opt/bitnami/mariadb + datadir=/bitnami/mariadb/data + plugin_dir=/opt/bitnami/mariadb/plugin + tmpdir=/opt/bitnami/mariadb/tmp + socket=/opt/bitnami/mariadb/tmp/mysql.sock + pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid + bind_address=0.0.0.0 + + ## Character set + collation_server=utf8_unicode_ci + init_connect='SET NAMES utf8' + character_set_server=utf8 + + ## MyISAM + key_buffer_size=32M + myisam_recover_options=FORCE,BACKUP + + ## Safety + skip_host_cache + skip_name_resolve + max_allowed_packet=16M + max_connect_errors=1000000 + sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE + sysdate_is_now=1 + + ## Binary Logging + log_bin=mysql-bin + expire_logs_days=14 + # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql + sync_binlog=0 + # Required for Galera + binlog_format=row + + ## Caches and Limits + tmp_table_size=32M + max_heap_table_size=32M + # Re-enabling as now works with Maria 10.1.2 + query_cache_type=1 + query_cache_limit=4M + query_cache_size=256M + max_connections=500 + thread_cache_size=50 + open_files_limit=65535 + table_definition_cache=4096 + table_open_cache=4096 + + ## InnoDB + innodb=FORCE + innodb_strict_mode=1 + # Mandatory per https://github.com/codership/documentation/issues/25 + innodb_autoinc_lock_mode=2 + # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/ + innodb_doublewrite=1 + innodb_flush_method=O_DIRECT + innodb_log_files_in_group=2 + innodb_log_file_size=128M + innodb_flush_log_at_trx_commit=1 + innodb_file_per_table=1 + # 80% Memory is default reco. + # Need to re-evaluate when DB size grows + innodb_buffer_pool_size=2G + innodb_file_format=Barracuda + + ## Logging + log_error=/opt/bitnami/mariadb/logs/mysqld.log + slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log + log_queries_not_using_indexes=1 + slow_query_log=1 + + ## SSL + ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem + # ssl_ca=/certs/ca.pem + # ssl_cert=/certs/server-cert.pem + # ssl_key=/certs/server-key.pem + + [galera] + wsrep_on=ON + wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so + wsrep_sst_method=mariabackup + wsrep_slave_threads=4 + wsrep_cluster_address=gcomm:// + wsrep_cluster_name=galera + wsrep_sst_auth="root:" + # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit + innodb_flush_log_at_trx_commit=2 + # MYISAM REPLICATION SUPPORT # + wsrep_replicate_myisam=ON + binlog_format=row + default_storage_engine=InnoDB + innodb_autoinc_lock_mode=2 + transaction-isolation=READ-COMMITTED + wsrep_causal_reads=1 + wsrep_sync_wait=7 + + [mariadb] + plugin_load_add=auth_pam + + ## Data-at-Rest Encryption + ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem + # plugin_load_add=file_key_management + # file_key_management_filename=/encryption/keyfile.enc + # file_key_management_filekey=FILE:/encryption/keyfile.key + # file_key_management_encryption_algorithm=AES_CTR + # encrypt_binlog=ON + # encrypt_tmp_files=ON + + ## InnoDB/XtraDB Encryption + # innodb_encrypt_tables=ON + # innodb_encrypt_temporary_tables=ON + # innodb_encrypt_log=ON + # innodb_encryption_threads=4 + # innodb_encryption_rotate_key_age=1 + + ## Aria Encryption + # aria_encrypt_tables=ON + # encrypt_tmp_disk_tables=ON dgbuilder: nameOverride: appc-dgbuilder diff --git a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh index 87e584c78e..e986c3909f 100755 --- a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh +++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh @@ -1,7 +1,7 @@ -#!/bin/bash +#!/bin/sh {{/* -# Copyright © 2020 Bell Canada +# Copyright © 2020-2021 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 79b1cb2933..0991031939 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -478,18 +478,18 @@ flavor: small resources: small: limits: - cpu: 500m - memory: 2.5Gi + cpu: 1 + memory: 4Gi requests: - cpu: 100m - memory: 750Mi + cpu: 500m + memory: 2Gi large: limits: cpu: 2 - memory: 4Gi + memory: 6Gi requests: cpu: 1 - memory: 2Gi + memory: 3Gi unlimited: {} ## MariaDB Galera containers' liveness and readiness probes diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml index e92e415414..ae0b80e869 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2019-2021 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -53,7 +53,7 @@ config: # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.0 +image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.3 pullPolicy: Always # probe configuration parameters @@ -66,8 +66,8 @@ liveness: enabled: false readiness: - initialDelaySeconds: 30 - periodSeconds: 30 + initialDelaySeconds: 300 + periodSeconds: 90 path: /ccsdk-app/health scheme: HTTPS diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml index df0e270db5..a82eef85d4 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -105,7 +105,7 @@ config: mariadb: name: *dmaap-dr-db nameOverride: *dmaap-dr-db - replicaCount: 3 + replicaCount: 1 db: externalSecret: *dbSecretName name: datarouter diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml index 44560e3351..307524c4fa 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml @@ -24,7 +24,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/multicloud/k8s:0.8.1 +image: onap/multicloud/k8s:0.8.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml index ea286b09c1..f3358d007d 100644 --- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml +++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml @@ -25,7 +25,7 @@ aaf: aai: enabled: true appc: - enabled: true + enabled: false cds: enabled: true clamp: diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index d6c447240d..4c5328eee2 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -30,7 +30,7 @@ aaf: aai: enabled: true appc: - enabled: true + enabled: false cds: enabled: true clamp: diff --git a/kubernetes/portal/components/portal-app/templates/deployment.yaml b/kubernetes/portal/components/portal-app/templates/deployment.yaml index 71b2aa3227..39393efb59 100644 --- a/kubernetes/portal/components/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-app/templates/deployment.yaml @@ -104,7 +104,7 @@ spec: -Djavax.net.ssl.keyStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}" -Djavax.net.ssl.trustStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}" {{- else }} - args: ["/start-apache-tomcat.sh -i "" -n "" -b {{ .Values.global.env.tomcatDir }}"] + args: ["/start-apache-tomcat.sh -i \"\" -n \"\" -b {{ .Values.global.env.tomcatDir }}"] {{- end }} ports: - containerPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties b/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties index 57a16bd488..303e504aa9 100644 --- a/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties +++ b/kubernetes/sdnc/resources/config/conf/mountpoint-registrar.properties @@ -23,7 +23,6 @@ topic=unauthenticated.SEC_FAULT_OUTPUT contenttype=application/json group=myG id=C1 -timeout=50000 limit=10000 [pnfRegistration] @@ -41,5 +40,4 @@ topic=unauthenticated.VES_PNFREG_OUTPUT contenttype=application/json group=myG id=C1 -timeout=50000 limit=10000 diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml index e3be4bc46a..d860c8c665 100644 --- a/kubernetes/sdnc/templates/service.yaml +++ b/kubernetes/sdnc/templates/service.yaml @@ -75,7 +75,7 @@ spec: targetPort: {{ .Values.service.internalPort }} {{- else -}} port: {{ .Values.service.internalPort4 }} - target: {{ .Values.service.internalPort4 }} + targetPort: {{ .Values.service.internalPort4 }} {{ end }} - name: "{{ .Values.service.portName }}-karaf" port: {{ .Values.service.externalPort2 }} diff --git a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml index 0971b4f0db..5c7a9af467 100755 --- a/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -136,6 +136,7 @@ org: unassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource vnf-topology-operation: create: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource + update: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource changeassign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml index 19197c7f76..0560832a5f 100644 --- a/kubernetes/vfc/values.yaml +++ b/kubernetes/vfc/values.yaml @@ -55,6 +55,7 @@ mariadb-galera: disableNfsProvisioner: true serviceAccount: nameOverride: *vfc-mariadb + replicaCount: 1 db: &dbConfig mariadbService: vfc-mariadb @@ -100,4 +101,4 @@ vfc-workflow-engine: workflowPort: 10550 vfc-zte-vnfm-driver: - enabled: true
\ No newline at end of file + enabled: true |