diff options
Diffstat (limited to 'archive/dcaegen2-services/components/dcae-slice-analysis-ms')
7 files changed, 502 insertions, 0 deletions
diff --git a/archive/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml new file mode 100644 index 0000000000..f90bd1ef95 --- /dev/null +++ b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml @@ -0,0 +1,45 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# Modifications Copyright © 2021 Orange +# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2023 Deutsche Telekom AG. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v2 +appVersion: "London" +description: DCAE SliceAnalysis MS charts +name: dcae-slice-analysis-ms +version: 13.0.0 + +dependencies: + - name: common + version: ~13.x-0 + repository: '@local' + - name: postgres + version: ~13.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~13.x-0 + repository: '@local' + - name: readinessCheck + version: ~13.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~13.x-0 + repository: '@local' + - name: serviceAccount + version: ~13.x-0 + repository: '@local' diff --git a/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/authorizationpolicy.yaml b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/authorizationpolicy.yaml new file mode 100644 index 0000000000..30d173c2d8 --- /dev/null +++ b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/authorizationpolicy.yaml @@ -0,0 +1,136 @@ +{{/* +# Copyright © 2023 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.authorizationPolicy" . }} +--- +{{- $dot := default . .dot -}} +{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}} +{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}} +{{- $defaultOperationPorts := list "5432" -}} +{{- $relName := include "common.release" . -}} +{{- $postgresName := $dot.Values.postgres.service.name -}} +{{- if (include "common.useAuthorizationPolicies" .) }} +apiVersion: security.istio.io/v1beta1 +kind: AuthorizationPolicy +metadata: + name: {{ $relName }}-{{ $postgresName }}-authz + namespace: {{ include "common.namespace" . }} +spec: + selector: + matchLabels: + app: {{ $postgresName }} + action: ALLOW + rules: +{{- if $authorizedPrincipalsPostgres }} +{{- range $principal := $authorizedPrincipalsPostgres }} + - from: + - source: + principals: +{{- $namespace := default "onap" $principal.namespace -}} +{{- if eq "onap" $namespace }} + - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}" +{{- else }} + - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}" +{{- end }} + to: + - operation: + ports: +{{- range $port := $defaultOperationPorts }} + - "{{ $port }}" +{{- end }} +{{- end }} +{{- end }} +{{- end }} +--- +{{- $dot := default . .dot -}} +{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}} +{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}} +{{- $defaultOperationPorts := list "5432" -}} +{{- $relName := include "common.release" . -}} +{{- $postgresName := $dot.Values.postgres.service.name -}} +{{- $pgHost := "primary" -}} +{{- if (include "common.useAuthorizationPolicies" .) }} +apiVersion: security.istio.io/v1beta1 +kind: AuthorizationPolicy +metadata: + name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz + namespace: {{ include "common.namespace" . }} +spec: + selector: + matchLabels: + app: {{ $postgresName }}-{{ $pgHost }} + action: ALLOW + rules: +{{- if $authorizedPrincipalsPostgres }} +{{- range $principal := $authorizedPrincipalsPostgres }} + - from: + - source: + principals: +{{- $namespace := default "onap" $principal.namespace -}} +{{- if eq "onap" $namespace }} + - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}" +{{- else }} + - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}" +{{- end }} + to: + - operation: + ports: +{{- range $port := $defaultOperationPorts }} + - "{{ $port }}" +{{- end }} +{{- end }} +{{- end }} +{{- end }} +--- +{{- $dot := default . .dot -}} +{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}} +{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}} +{{- $defaultOperationPorts := list "5432" -}} +{{- $relName := include "common.release" . -}} +{{- $postgresName := $dot.Values.postgres.service.name -}} +{{- $pgHost := "replica" -}} +{{- if (include "common.useAuthorizationPolicies" .) }} +apiVersion: security.istio.io/v1beta1 +kind: AuthorizationPolicy +metadata: + name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz + namespace: {{ include "common.namespace" . }} +spec: + selector: + matchLabels: + app: {{ $postgresName }}-{{ $pgHost }} + action: ALLOW + rules: +{{- if $authorizedPrincipalsPostgres }} +{{- range $principal := $authorizedPrincipalsPostgres }} + - from: + - source: + principals: +{{- $namespace := default "onap" $principal.namespace -}} +{{- if eq "onap" $namespace }} + - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}" +{{- else }} + - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}" +{{- end }} + to: + - operation: + ports: +{{- range $port := $defaultOperationPorts }} + - "{{ $port }}" +{{- end }} +{{- end }} +{{- end }} +{{- end }}
\ No newline at end of file diff --git a/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/configmap.yaml b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/configmap.yaml new file mode 100644 index 0000000000..26be310888 --- /dev/null +++ b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/deployment.yaml b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/deployment.yaml new file mode 100644 index 0000000000..02b5df8135 --- /dev/null +++ b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/secret.yaml b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/secret.yaml new file mode 100644 index 0000000000..c4596e5b21 --- /dev/null +++ b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/secret.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/service.yaml b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/service.yaml new file mode 100644 index 0000000000..ba0283dda5 --- /dev/null +++ b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/archive/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml new file mode 100644 index 0000000000..fd70e36619 --- /dev/null +++ b/archive/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -0,0 +1,241 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021-2022 Wipro Limited. +# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved. +# Copyright (C) 2022 Huawei Canada Limited. +# Copyright (c) 2023 Deutsche Telekom AG. All rights reserved. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + centralizedLoggingEnabled: true + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-sliceanalysisms-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "sliceanalysisms-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.2.1 +pullPolicy: IfNotPresent + +################################################################# +# Policy Sync Container Image. +################################################################# +# optional Policy configuration properties +# if present, policy-sync side car will be deployed +# policy sync is used for provide runtime configuration for slicems +# policy id is originally set to "onap.dcae.slicems.config" + +#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +#pullPolicy: IfNotPresent +#policies: +# duration: +# 10 +# policyID: | +# '["onap.dcae.slicems.config"]' + +# Log directory where logging sidecar should look for log files +# if path is set to null sidecar won't be deployed in spite of +# global.centralizedLoggingEnabled setting. +log: + path: /var/log/ONAP/dcaegen2/services/sliceanalysisms +logConfigMapNamePrefix: '{{ include "common.fullname" . }}' + +# Probe Configuration +readiness: + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTP + port: 8080 + +# Service Configuration +service: + type: ClusterIP + name: dcae-slice-analysis-ms + ports: + - name: http + port: 8080 + port_protocol: http + +serviceMesh: + authorizationPolicy: + authorizedPrincipals: + - serviceAccount: message-router-read + authorizedPrincipalsPostgres: + - serviceAccount: dcae-slice-analysis-ms-read + +credentials: +- name: PG_USERNAME + uid: *pgUserCredsSecretUid + key: login +- name: PG_PASSWORD + uid: *pgUserCredsSecretUid + key: password + +# Initial Application Configuration +applicationConfig: + postgres.host: dcae-sliceanalysisms-pg-primary + postgres.port: 5432 + postgres.username: ${PG_USERNAME} + postgres.password: ${PG_PASSWORD} + trust_store_path: /opt/app/sliceanalysisms/etc/cert/trust.jks + trust_store_pass_path: /opt/app/sliceanalysisms/etc/cert/trust.pass + sliceanalysisms.pollingInterval: 20 + sliceanalysisms.pollingTimeout: 60 + cbsPollingInterval: 60 + sliceanalysisms.namespace: onap + sliceanalysisms.dmaap.server: ["message-router"] + sliceanalysisms.bufferTime: 60 + sliceanalysisms.cg: sliceanalysisms-cg + sliceanalysisms.cid: sliceanalysisms-cid + sliceanalysisms.configDb.service: http://config-db:8080 + sliceanalysisms.configDbEnabled: true + sliceanalysisms.aai.url: http://aai-internal.onap.svc.cluster.local:80/aai/v21 + sliceanalysisms.cps.url: http://cps:8080 + sliceanalysisms.samples: 3 + sliceanalysisms.minPercentageChange: 5 + sliceanalysisms.initialDelaySeconds: 120000 + sliceanalysisms.rannfnssiDetailsTemplateId: get-rannfnssiid-details + sliceanalysisms.desUrl: http://dl-des:1681/datalake/v1/exposure/pm_data + sliceanalysisms.pmDataDurationInWeeks: 4 + sliceanalysisms.vesNotifPollingInterval: 15 + sliceanalysisms.vesNotifChangeIdentifier: PM_BW_UPDATE + sliceanalysisms.vesNotifChangeType: BandwidthChanged + sliceanalysisms.aaiNotif.targetAction: UPDATE + sliceanalysisms.aaiNotif.targetSource: UUI + sliceanalysisms.aaiNotif.targetEntity: service-instance + sliceanalysisms.ccvpnEvalInterval: 5 + sliceanalysisms.ccvpnEvalUpperThreshold: 0.8 + sliceanalysisms.ccvpnEvalLowerThreshold: 0.3 + sliceanalysisms.ccvpnEvalPrecision: 100.0 + sliceanalysisms.ccvpnEvalPeriodicCheckOn: true + sliceanalysisms.ccvpnEvalOnDemandCheckOn: true + sliceanalysisms.ccvpnEvalStrategy: FlexibleThresholdStrategy + streams_publishes: + CL_topic: + type: message-router + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT + streams_subscribes: + performance_management_topic: + type: message-router + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS + intelligent_slicing_topic: + type: message-router + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.ML_RESPONSE_TOPIC + dcae_cl_response_topic: + type: message-router + dmaap_info: + topic_url: http://message-router:3904/events/DCAE_CL_RSP + ves_ccvpn_notification_topic: + type: message-router + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT + aai_subscriber: + type: message-router + servers : ["message-router:3904"] + consumer_group: dcae_ccvpn_cl + consumer_instance: dcae_ccvpn_cl_aaievent + fetch_timeout: 15000 + fetch_limit: 100 + dmaap_info: + topic_url: http://message-router:3904/events/AAI-EVENT + +applicationEnv: + CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + #Temporary Dummy CBS Port Value until internal SDK library is updated + CONFIG_BINDING_SERVICE_SERVICE_PORT: '0000' + STANDALONE: 'false' + +# Resource Limit Flavor -By Default Using Small +flavor: small +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: "2" + memory: "2Gi" + requests: + cpu: "1" + memory: "2Gi" + large: + limits: + cpu: "4" + memory: "4Gi" + requests: + cpu: "2" + memory: "4Gi" + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: &postgresName dcae-sliceanalysisms-postgres + service: + name: *postgresName + name2: dcae-sliceanalysisms-pg-primary + name3: dcae-sliceanalysisms-pg-replica + container: + name: + primary: dcae-sliceanalysisms-pg-primary + replica: dcae-sliceanalysisms-pg-replica + persistence: + mountSubPath: sliceanalysisms/data + mountInitPath: sliceanalysisms + config: + pgUserName: sliceanalysisms + pgDatabase: sliceanalysisms + pgUserExternalSecret: *pgUserCredsSecretName + +# Dependencies +readinessCheck: + wait_for: + services: + - '{{ .Values.postgres.service.name2 }}' + - message-router + +#Pods Service Account +serviceAccount: + nameOverride: dcae-slice-analysis-ms + roles: + - read |